doc/arm/man.dnssec-revoke.html

	man.dnssec-revoke.html revision dad65f7c93330a10705384739dff3a6d4dfe1e70
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<!--
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence -
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer - Permission to use, copy, modify, and/or distribute this software for any
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer - purpose with or without fee is hereby granted, provided that the above
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer - copyright notice and this permission notice appear in all copies.
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence -
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - PERFORMANCE OF THIS SOFTWARE.
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer-->
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<!-- $Id$ -->
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews<html>
47058d17266420179fa294de6b82d8fb5b918df4Michael Sawyer<head>
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<title>dnssec-revoke</title>
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<link rel="prev" href="man.dnssec-keygen.html" title="dnssec-keygen">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer</head>
f17b62a64bec4690f7ef0263efee1fa727b66fd5Michael Sawyer<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<div class="navheader">
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<table width="100%" summary="Navigation header">
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
6fc790c46083510fec0600f96951ddaa66bf7207Michael Sawyer<tr>
0819ae2ca51571d205df061b52d8468889f3a0dfMichael Sawyer<td width="20%" align="left">
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
5d20773abcdf9ff3afe14a349413174f94594188Michael Sawyer<th width="60%" align="center">Manual pages</th>
dc570b92f6cc60def4207733c7a194fbb69a4399Michael Sawyer<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer</td>
83a44df0a1dcc1760c7e4ad45eae801b5144592cBrian Wellington</tr>
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer</table>
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<hr>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer</div>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence<div class="refentry" lang="en">
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<div class="refnamediv">
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<h2>Name</h2>
a5ed46c9fd270775c39770bfd0250a52d374ebf2Michael Sawyer<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
dc570b92f6cc60def4207733c7a194fbb69a4399Michael Sawyer</div>
263408006365a7b4647d2eb645850b018edb47aaMichael Sawyer<div class="refsynopsisdiv">
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson<h2>Synopsis</h2>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code>  [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer</div>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<div class="refsect1" lang="en">
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<a name="id2617817"></a><h2>DESCRIPTION</h2>
5d20773abcdf9ff3afe14a349413174f94594188Michael Sawyer<p><span><strong class="command">dnssec-revoke</strong></span>
25a66b4e41e2b0a2af4840749bac80ae78c678bfMark Andrews      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
6bc106bb7ed216ca3a86245181ea8e2b0b658a64Michael Sawyer      in RFC 5011, and creates a new pair of key files containing the
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer      now-revoked key.
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer    </p>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer</div>
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<div class="refsect1" lang="en">
c9defbf4b968e8a61f391246431ac63d0d6a39abMichael Sawyer<a name="id2617831"></a><h2>OPTIONS</h2>
263408006365a7b4647d2eb645850b018edb47aaMichael Sawyer<div class="variablelist"><dl>
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer<dt><span class="term">-h</span></dt>
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer<dd><p>
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer        Emit usage message and exit.
b493dfe8bce94b05efc0f161238d32f1234c5670Brian Wellington      </p></dd>
703e1c0bb66f3cd3d300358ca0c1fdf3cb5fb1c5Brian Wellington<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
b493dfe8bce94b05efc0f161238d32f1234c5670Brian Wellington<dd><p>
703e1c0bb66f3cd3d300358ca0c1fdf3cb5fb1c5Brian Wellington            Sets the directory in which the key files are to reside.
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews          </p></dd>
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews<dt><span class="term">-r</span></dt>
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews<dd><p>
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews        After writing the new keyset files remove the original keyset
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews        files.
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews      </p></dd>
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
9cc75a3e5b0b54c5015e3f73a4a64d273560d5e3Mark Andrews<dd><p>
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer            Sets the debugging level.
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer          </p></dd>
b31e7ab8857a62eb94d4a6a681243739f158374dDanny Mayer<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer<dd><p>
e715e011788a529446b8013239c33599542ece32Michael Sawyer            Use the given OpenSSL engine. When compiled with PKCS#11 support
7949dbdae1db33e6263d754e5940daa1dfba59f9Michael Sawyer            it defaults to pkcs11; the empty name resets it to no engine.
ebbfa36a628b935891b2f8a2c5936aef48b87151Michael Sawyer          </p></dd>
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson<dt><span class="term">-f</span></dt>
0c16c8a01139a46f35b0da3fbd7751363c728ebeMichael Sawyer<dd><p>
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson            Force overwrite: Causes <span><strong class="command">dnssec-revoke</strong></span> to
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson            write the new key pair even if a file already exists matching
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson            the algorithm and key ID of the revoked key.
8cd54a7461ad183f9e839d96cedb7b7ad03fb244Michael Sawyer          </p></dd>
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson<dt><span class="term">-R</span></dt>
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson<dd><p>
688a4c50c2025a683d8d2bf5bb53a591556df4fcAndreas Gustafsson        Print the key tag of the key with the REVOKE bit set but do
e69ccf6d54db6e749470341e2c84996ecc77e5ecMichael Sawyer        not revoke the key.
2386f92414d8bc4d49a605be2ffd8f8cb1941b0bMichael Sawyer          </p></dd>
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence</dl></div>
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence</div>
cc88be4af140d1336b14eb756c4f2fca3ee6d4edMichael Sawyer<div class="refsect1" lang="en">
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence<a name="id2617952"></a><h2>SEE ALSO</h2>
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
4e0dc7b50c8d36a826dfd49c733479efa2feb6f9Michael Sawyer      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
9f35af43612c6ae4951e123911ac5a06d7880dcaMichael Sawyer      <em class="citetitle">RFC 5011</em>.
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence    </p>
d2895dd9bba25beaa167cb1fe9282855bc002768Michael Sawyer</div>
0eb5cf735133924dc9baab388236bef470480dceMichael Sawyer<div class="refsect1" lang="en">
7949dbdae1db33e6263d754e5940daa1dfba59f9Michael Sawyer<a name="id2618181"></a><h2>AUTHOR</h2>
bbece796a96f0c5670f2ed4646be2e883be3ba59Brian Wellington<p><span class="corpauthor">Internet Systems Consortium</span>
6c7a2db63cb10cda9ce3289f38c5ee55f63bba10Michael Sawyer    </p>
688a4c50c2025a683d8d2bf5bb53a591556df4fcAndreas Gustafsson</div>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer</div>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<div class="navfooter">
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<hr>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<table width="100%" summary="Navigation footer">
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<tr>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<td width="40%" align="left">
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
19c8df90f1f23c3df870c1771c89c1acdb15020eMichael Sawyer</td>
3ac2a9987875e947e0d0a09702b5a9b4dd745b75Tatuya JINMEI 神明達哉</tr>
a5ed46c9fd270775c39770bfd0250a52d374ebf2Michael Sawyer<tr>
68f0d29d61a730222ec6c370ea1aff7ab0c36a4eMichael Sawyer<td width="40%" align="left" valign="top">
24139527f3d0d3fe743bd867329a2edd529728a6Andreas Gustafsson<span class="application">dnssec-keygen</span>�</td>
a5ed46c9fd270775c39770bfd0250a52d374ebf2Michael Sawyer<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
a5ed46c9fd270775c39770bfd0250a52d374ebf2Michael Sawyer<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>
47058d17266420179fa294de6b82d8fb5b918df4Michael Sawyer</td>
263408006365a7b4647d2eb645850b018edb47aaMichael Sawyer</tr>
77365675e9db53de6ef728c98fc696ce86e88e63Michael Sawyer</table>
910df0c767ea973a59e866adb33bddf24b584f3dMichael Sawyer</div>
e2babfac176033ebae5b8faf59935b24f2458643Brian Wellington</body>
38cf6e52ce4b33795713388824b69d78e430b115Michael Sawyer</html>
8cd54a7461ad183f9e839d96cedb7b7ad03fb244Michael Sawyer