man.dnssec-revoke.html revision 71cef386fae61275b03e203825680b39fedaa8c6
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
71cef386fae61275b03e203825680b39fedaa8c6Tinderbox User - Copyright (C) 2000-2018 Internet Systems Consortium, Inc. ("ISC")
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - This Source Code Form is subject to the terms of the Mozilla Public
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - License, v. 2.0. If a copy of the MPL was not distributed with this
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - file, You can obtain one at http://mozilla.org/MPL/2.0/.
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<link rel="prev" href="man.dnssec-keymgr.html" title="dnssec-keymgr">
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a>�</td>
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span class="application">dnssec-revoke</span>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User — set the REVOKED bit on a DNSSEC key
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>]
7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a name="id-1.14.14.7"></a><h2>DESCRIPTION</h2>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p><span class="command"><strong>dnssec-revoke</strong></span>
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt reads a DNSSEC key file, sets the REVOKED bit on the key as defined
fd0b768f4c23d22c89f8a156a632831583b7fb68Automatic Updater in RFC 5011, and creates a new pair of key files containing the
fd0b768f4c23d22c89f8a156a632831583b7fb68Automatic Updater now-revoked key.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="variablelist"><dl class="variablelist">
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Emit usage message and exit.
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Sets the directory in which the key files are to reside.
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt After writing the new keyset files remove the original keyset
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Sets the debugging level.
6f1205897504b8f50b1785975482c995888dd630Tinderbox User Prints version information.
8ec3c085233cedb22b05da36e2773c8f357a7e45Automatic Updater<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User Specifies the cryptographic hardware to use, when applicable.
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User When BIND is built with OpenSSL PKCS#11 support, this defaults
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User to the string "pkcs11", which identifies an OpenSSL engine
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User that can drive a cryptographic accelerator or hardware service
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User module. When BIND is built with native PKCS#11 cryptography
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User (--enable-native-pkcs11), it defaults to the path of the PKCS#11
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User provider library specified via "--with-pkcs11".
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Force overwrite: Causes <span class="command"><strong>dnssec-revoke</strong></span> to
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt write the new key pair even if a file already exists matching
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt the algorithm and key ID of the revoked key.
12bfbed87cfffa65ac300b72c5665ab38a355c2fAutomatic Updater Print the key tag of the key with the REVOKE bit set but do
12bfbed87cfffa65ac300b72c5665ab38a355c2fAutomatic Updater not revoke the key.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span class="refentrytitle">dnssec-keygen</span>(8)
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a>�</td>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<span class="application">dnssec-keymgr</span>�</td>
1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>
350e5eecadfc5ee72b11b2cc46828c9a0bcd717cTinderbox User<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.2 (Extended Support Version)</p>