1ldns-signzone(1)            General Commands Manual           ldns-signzone(1)
2
3
4

NAME

6       ldns-signzone - sign a zonefile with DNSSEC data
7

SYNOPSIS

9       ldns-signzone [ OPTION ] ZONEFILE KEY [KEY [KEY] ...  ]
10
11

DESCRIPTION

13       ldns-signzone  is  used  to  generate a DNSSEC signed zone. When run it
14       will create a new  zonefile  that  contains  RRSIG  and  NSEC  resource
15       records,  as  specified in RFC 4033, RFC 4034 and RFC 4035. It will add
16       the DNSKEY(s) that is/are used to sign the zone.
17
18       Keys must be specified by their base name (i.e. without .key and  .pri‐
19       vate) and both the public and private key must be present in the speci‐
20       fied location. Multiple keys can be specified.
21
22

OPTIONS

24       -e date
25              Set expiration date of the signatures to this date,  the  format
26              can be YYYYMMDD[hhmmss], or a timestamp.
27
28
29       -i date
30              Set  inception  date  of the signatures to this date, the format
31              can be YYYYMMDD[hhmmss], or a timestamp.
32
33
34       -f file
35              Use this file to store the signed zone  in  (default  <original‐
36              file>.signed)
37
38
39       -o origin
40              Use  this  as  the origin of the zone, if it cannot be read from
41              the zonefile
42
43

AUTHOR

45       Written by the ldns team as an example for ldns usage.
46
47

REPORTING BUGS

49       Report bugs to <ldns-team@nlnetlabs.nl>.
50
51

53       Copyright (C) 2005 NLnet Labs. This is free software. There is NO  war‐
54       ranty;  not  even  for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR‐
55       POSE.
56
57
58
59                                  30 May 2005                 ldns-signzone(1)
Impressum