man.dnssec-settime.html revision 6ea2385360e9e2167e65f9286447da9eea189457
Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 2000-2003 Internet Software Consortium.

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a name="man.dnssec-settime"></a><div class="titlepage"></div>
<p><span class="application">dnssec-settime</span> — Set the key timing metadata for a DNSSEC key</p>
<div class="cmdsynopsis"><p><code class="command">dnssec-settime</code> [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>
<a name="id2619634"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-settime</strong></span>
 reads a DNSSEC private key file and sets the key timing metadata
 as specified by the <code class="option">-P</code>, <code class="option">-A</code>,
 <code class="option">-R</code>, <code class="option">-I</code>, and <code class="option">-D</code>
 options. The metadata can then be used by
 <span><strong class="command">dnssec-signzone</strong></span> or other signing software to
 determine when a key is to be published, whether it should be
 used for signing a zone, etc.
 If none of these options is set on the command line,
 then <span><strong class="command">dnssec-settime</strong></span> simply prints the key timing
 metadata already stored in the key.</p>
<p>When key metadata fields are changed, both files of a key
 pair (<code class="filename">Knnnn.+aaa+iiiii.key</code> and
 <code class="filename">Knnnn.+aaa+iiiii.private</code>) are regenerated.
 Metadata fields are stored in the private file. A human-readable
 description of the metadata is also placed in comments in the key
 file. The private file's permissions are always set to be
 inaccessible to anyone other than the owner (mode 0600).</p>
<h2>OPTIONS</h2>
<dt><span class="term">-f</span></dt>
<dd><p>Force an update of an old-format key with no metadata fields.
 Without this option, <span><strong class="command">dnssec-settime</strong></span> will
 fail when attempting to update a legacy key. With this option,
 the key will be recreated in the new format, but with the
 original key data retained. The key's creation date will be
 set to the present time. If no other values are specified,
 then the key's publication and activation dates will also
 be set to the present time.</p></dd>
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>Sets the directory in which the key files are to reside.</p></dd>
<dt><span class="term">-L <em class="replaceable"><code>ttl</code></em></span></dt>
<dd><p>Sets the default TTL to use for this key when it is converted
 into a DNSKEY RR. If the key is imported into a zone,
 this is the TTL that will be used for it, unless there was
 already a DNSKEY RRset in place, in which case the existing TTL
 would take precedence. Setting the default TTL to
 <code class="literal">0</code> or <code class="literal">none</code> removes it.</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>Emit usage message and exit.</p></dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd><p>Sets the debugging level.</p></dd>
<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
<dd><p>Specifies the cryptographic hardware to use, when applicable.</p>
<p>When BIND is built with OpenSSL PKCS#11 support, this defaults
 to the string "pkcs11", which identifies an OpenSSL engine
 that can drive a cryptographic accelerator or hardware service
 module. When BIND is built with native PKCS#11 cryptography
 (--enable-native-pkcs11), it defaults to the path of the PKCS#11
 provider library specified via "--with-pkcs11".</p></dd>
<a name="id2619817"></a><h2>TIMING OPTIONS</h2>
<p>Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
 If the argument begins with a '+' or '-', it is interpreted as
 an offset from the present time. For convenience, if such an offset
 is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi',
 then the offset is computed in years (defined as 365 24-hour days,
 ignoring leap years), months (defined as 30 24-hour days), weeks,
 days, hours, or minutes, respectively. Without a suffix, the offset
 is computed in seconds. To unset a date, use 'none'.</p>
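The date/offset grammar above can be resolved to concrete timestamps before a rollover schedule is committed. The following parser is an added example, not code from BIND or from this manual page; the function name is hypothetical, only the suffixes listed above are accepted, and absolute dates are assumed to be UTC.

```python
import re
from datetime import datetime, timedelta, timezone

# Seconds per suffix as the page defines them: a year is 365 24-hour days,
# a month is 30 24-hour days, and no suffix means seconds.
UNIT_SECONDS = {"": 1, "mi": 60, "h": 3600, "d": 86400,
                "w": 7 * 86400, "mo": 30 * 86400, "y": 365 * 86400}
OFFSET_RE = re.compile(r"([+-])(\d+)(y|mo|w|d|h|mi)?")


def parse_date_offset(arg, now):
    """Resolve a -P/-A/-R/-I/-D argument to a UTC datetime; None means unset."""
    if arg == "none":
        return None
    match = OFFSET_RE.fullmatch(arg)
    if match:
        sign, count, suffix = match.groups()
        seconds = int(count) * UNIT_SECONDS[suffix or ""]
        return now + timedelta(seconds=seconds if sign == "+" else -seconds)
    # Absolute forms: YYYYMMDD or YYYYMMDDHHMMSS (UTC is an assumption here).
    fmt = {8: "%Y%m%d", 14: "%Y%m%d%H%M%S"}.get(len(arg))
    if fmt is None or not arg.isdigit():
        raise ValueError(f"not a date, an offset or 'none': {arg!r}")
    return datetime.strptime(arg, fmt).replace(tzinfo=timezone.utc)


if __name__ == "__main__":
    # Constructed reference time. 2024 is a leap year, so "+1y" (365 days)
    # lands on 31 December 2024, one day short of a calendar year.
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    for arg in ("+1y", "+1mo", "-3600", "20250301", "none"):
        print(f"{arg:>10} -> {parse_date_offset(arg, now)}")
```

Because years and months are fixed-length, long offsets drift from calendar dates; use an absolute date when a key event must fall on a specific day.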
<dt><span class="term">-P <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>Sets the date on which a key is to be published to the zone.
 After that date, the key will be included in the zone but will
 not be used to sign it.</p></dd>
<dt><span class="term">-A <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>Sets the date on which the key is to be activated. After that
 date, the key will be included in the zone and used to sign</p></dd>
<dt><span class="term">-R <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>Sets the date on which the key is to be revoked. After that
 date, the key will be flagged as revoked. It will be included
 in the zone and will be used to sign it.</p></dd>
<dt><span class="term">-I <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>Sets the date on which the key is to be retired. After that
 date, the key will still be included in the zone, but it
 will not be used to sign it.</p></dd>
<dt><span class="term">-D <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>Sets the date on which the key is to be deleted. After that
 date, the key will no longer be included in the zone. (It
 may remain in the key repository, however.)</p></dd>
<dt><span class="term">-S <em class="replaceable"><code>predecessor key</code></em></span></dt>
<dd><p>Select a key for which the key being modified will be an
 explicit successor. The name, algorithm, size, and type of the
 predecessor key must exactly match those of the key being
 modified. The activation date of the successor key will be set
 to the inactivation date of the predecessor. The publication
 date will be set to the activation date minus the prepublication
 interval, which defaults to 30 days.</p></dd>
<dt><span class="term">-i <em class="replaceable"><code>interval</code></em></span></dt>
<dd><p>Sets the prepublication interval for a key. If set, then
 the publication and activation dates must be separated by at least
 this much time. If the activation date is specified but the
 publication date isn't, then the publication date will default
 to this much time before the activation date; conversely, if
 the publication date is specified but activation date isn't,
 then activation will be set to this much time after publication.</p>
<p>If the key is being set to be an explicit successor to another
 key, then the default prepublication interval is 30 days;
 otherwise it is zero.</p>
<p>As with date offsets, if the argument is followed by one of
 the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi', then the
 interval is measured in years, months, weeks, days, hours,
 or minutes, respectively. Without a suffix, the interval is
 measured in seconds.</p></dd>
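The -S and -i rules, together with the -P/-A/-I/-D semantics, determine whether a zone always has a signing key during a rollover. The model below is an added example, not BIND's own logic: the function names are hypothetical, revocation (-R) is left out, explicit -P/-A values are ignored when a predecessor is given, and the order in which overlapping dates take precedence is an assumption.

```python
from datetime import datetime, timedelta, timezone

SUCCESSOR_PREPUB = timedelta(days=30)  # page: default interval when -S is used


def resolve_publish_activate(publish=None, activate=None, interval=None,
                             predecessor_inactive=None):
    """Apply the -S and -i rules from the text; returns (publish, activate)."""
    if predecessor_inactive is not None:
        # -S: activate when the predecessor goes inactive and publish one
        # prepublication interval earlier.
        interval = SUCCESSOR_PREPUB if interval is None else interval
        activate = predecessor_inactive
        publish = activate - interval
    elif interval is not None:
        # -i alone: fill in whichever of the two dates was not given.
        if activate is not None and publish is None:
            publish = activate - interval
        elif publish is not None and activate is None:
            activate = publish + interval
        if (publish is not None and activate is not None
                and activate - publish < interval):
            raise ValueError("publication and activation are closer than -i")
    return publish, activate


def state_at(meta, when):
    """Zone role of a key at `when`, from its P/A/I/D dates (None = unset)."""
    def passed(key):
        return meta.get(key) is not None and meta[key] <= when
    if passed("D"):
        return "deleted"      # no longer included in the zone
    if passed("I"):
        return "retired"      # included, not used to sign
    if passed("A"):
        return "active"       # included and used to sign
    if passed("P"):
        return "published"    # included, not used to sign
    return "unpublished"


def signing_gaps(keys, checkpoints):
    """Checkpoints at which no key in `keys` is in the 'active' state."""
    return [t for t in checkpoints
            if not any(state_at(key, t) == "active" for key in keys)]
```

Running `signing_gaps` over the planned dates of every key for a zone, with checkpoints at each inactivation date, shows a rollover plan that would leave the zone unsigned before the metadata is written.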
<a name="id2620092"></a><h2>PRINTING OPTIONS</h2>
<p><span><strong class="command">dnssec-settime</strong></span> can also be used to print the
 timing metadata associated with a key.</p>
<dt><span class="term">-u</span></dt>
<dd><p>Print times in UNIX epoch format.</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>C/P/A/R/I/D/all</code></em></span></dt>
<dd><p>Print a specific metadata value or set of metadata values.
 The <code class="option">-p</code> option may be followed by one or more
 of the following letters to indicate which value or values to print:
 <code class="option">C</code> for the creation date,
 <code class="option">P</code> for the publication date,
 <code class="option">A</code> for the activation date,
 <code class="option">R</code> for the revocation date,
 <code class="option">I</code> for the inactivation date, or
 <code class="option">D</code> for the deletion date.
 To print all of the metadata, use <code class="option">-p all</code>.</p></dd>
<h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
 <span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
 <em class="citetitle">BIND 9 Administrator Reference Manual</em>,</p>
<h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span></p>