Jump to content

dnssec-signzone

From RaySoft

dnssec-signzone signs a zone. It generates NSEC and RRSIG records and produces a signed version of the zone. The security status of delegations from the signed zone (that is, whether the child zones are secure or not) is determined by the presence or absence of a keyset file for each child zone.[1]

Documentation

Syntax

dnssec-signzone [PARAMETER ...] ZONEFILE

Parameters

-o ORIGIN
The zone ORIGIN. If not specified, the name of the zone file is assumed to be the origin.

Examples

Sign the raysoft.loc zone
dnssec-signzone -o 'raysoft.loc' 'raysoft.loc.zone' 'raysoft.loc.**********'

References

  1. man 8 'dnssec-signzone'
Retrieved from "https://www.raysoft.ch/w/index.php?title=dnssec-signzone&oldid=42713"