doc/arm/man.dnssec-revoke.html

	man.dnssec-revoke.html revision ed38240f42ff9bc19d95669a2a4743b9ff7e7a64
7618c62c0c61a49f0d6330e4e1d44394ffa899e0verbalshadow<!--
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - Copyright (C) 2000-2003 Internet Software Consortium.
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton -
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - Permission to use, copy, modify, and/or distribute this software for any
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - purpose with or without fee is hereby granted, provided that the above
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - copyright notice and this permission notice appear in all copies.
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton -
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton - PERFORMANCE OF THIS SOFTWARE.
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton-->
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<!-- $Id$ -->
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<html>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<head>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<title>dnssec-revoke</title>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<link rel="prev" href="man.dnssec-keygen.html" title="dnssec-keygen">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</head>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="navheader">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<table width="100%" summary="Navigation header">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
68302bd782e6cff354ec4e6c6cfe88fb761cead9Campbell Barton<tr>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<td width="20%" align="left">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<th width="60%" align="center">Manual pages</th>
68302bd782e6cff354ec4e6c6cfe88fb761cead9Campbell Barton<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
68302bd782e6cff354ec4e6c6cfe88fb761cead9Campbell Barton</td>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</tr>
10b77f97a176647caa068363224704062325ec4aDavid Mathog</table>
10b77f97a176647caa068363224704062325ec4aDavid Mathog<hr>
10b77f97a176647caa068363224704062325ec4aDavid Mathog</div>
10b77f97a176647caa068363224704062325ec4aDavid Mathog<div class="refentry" lang="en">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="refnamediv">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<h2>Name</h2>
5ffd986a358af39744d3de9163808b187c87d315Campbell Barton<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</div>
68302bd782e6cff354ec4e6c6cfe88fb761cead9Campbell Barton<div class="refsynopsisdiv">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<h2>Synopsis</h2>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code>  [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</div>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="refsect1" lang="en">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<a name="id2631529"></a><h2>DESCRIPTION</h2>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<p><span><strong class="command">dnssec-revoke</strong></span>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
5ffd986a358af39744d3de9163808b187c87d315Campbell Barton      in RFC 5011, and creates a new pair of key files containing the
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton      now-revoked key.
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton    </p>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</div>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="refsect1" lang="en">
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<a name="id2631543"></a><h2>OPTIONS</h2>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<div class="variablelist"><dl>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<dt><span class="term">-h</span></dt>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<dd><p>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton        Emit usage message and exit.
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton      </p></dd>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            Sets the directory in which the key files are to reside.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton          </p></dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-r</span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton        After writing the new keyset files remove the original keyset
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton        files.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton      </p></dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            Sets the debugging level.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton          </p></dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-V</span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton        Prints version information.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton      </p></dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            Specifies the cryptographic hardware to use, when applicable.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton          </p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            When BIND is built with OpenSSL PKCS#11 support, this defaults
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            to the string "pkcs11", which identifies an OpenSSL engine
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            that can drive a cryptographic accelerator or hardware service
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            module.  When BIND is built with native PKCS#11 cryptography
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            (--enable-native-pkcs11), it defaults to the path of the PKCS#11
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            provider library specified via "--with-pkcs11".
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton          </p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-f</span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            Force overwrite: Causes <span><strong class="command">dnssec-revoke</strong></span> to
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            write the new key pair even if a file already exists matching
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton            the algorithm and key ID of the revoked key.
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton          </p></dd>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dt><span class="term">-R</span></dt>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<dd><p>
10b77f97a176647caa068363224704062325ec4aDavid Mathog        Print the key tag of the key with the REVOKE bit set but do
10b77f97a176647caa068363224704062325ec4aDavid Mathog        not revoke the key.
10b77f97a176647caa068363224704062325ec4aDavid Mathog          </p></dd>
10b77f97a176647caa068363224704062325ec4aDavid Mathog</dl></div>
dcfaae412e7e39e5e729800f6df369e8cca1b219Campbell Barton</div>
5d550572c43db27d4fa063de86c0a0c8e2b7d263Campbell Barton<div class="refsect1" lang="en">
db373488ddc3a321c41ee394eef972443b99d40eCampbell Barton<a name="id2637005"></a><h2>SEE ALSO</h2>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton      <em class="citetitle">RFC 5011</em>.
7a5d553ffd780a7b0e5e7e6935cff061dbdeccadCampbell Barton    </p>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</div>
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton<div class="refsect1" lang="en">
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton<a name="id2637030"></a><h2>AUTHOR</h2>
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton<p><span class="corpauthor">Internet Systems Consortium</span>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton    </p>
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton</div>
aa04d6ef8728654428aa48a44d2e6949c3d05977Campbell Barton</div>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<div class="navfooter">
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<hr>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<table width="100%" summary="Navigation footer">
5ffd986a358af39744d3de9163808b187c87d315Campbell Barton<tr>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="40%" align="left">
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</td>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</tr>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<tr>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="40%" align="left" valign="top">
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<span class="application">dnssec-keygen</span>�</td>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</td>
5ffd986a358af39744d3de9163808b187c87d315Campbell Barton</tr>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</table>
874cad03a8450ed3464f6dfae2eb16108bec5bbdCampbell Barton</div>
3c147b1dc203f9815cb45e24add22478e936d1e8verbalshadow<p style="text-align: center;">BIND 9.11.0pre-alpha</p>
096dfde2c1cb7bb1e0a4b76e21f2abf548b900d5Campbell Barton</body>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton</html>
7ec25bb9d03acb929519aa84287da437e3d4d10cCampbell Barton