1KZONESIGN(1)                       Knot DNS                       KZONESIGN(1)
2
3
4

NAME

6       kzonesign - DNSSEC signing utility
7

SYNOPSIS

9       kzonesign [options] -c conf_file zone_name
10

DESCRIPTION

12       This  utility  reads  the zone's zone file, signs the zone according to
13       given configuration, and writes the signed zone file back.
14
15   Options
16       -c, --config conf_file
17              Knot DNS configuration file (same as for knotd).
18
19       -o, --outdir dir_name
20              Write the output zone file to the specified directory insted  of
21              the configured one.
22
23       -r, --rollover
24              Allow  key roll-overs and NSEC3 re-salt. In order to finish pos‐
25              sible KSK submission, set the KSK's active timestamp to now (+0)
26              using keymgr.
27
28       -t, --time timestamp
29              Sign  the  zone (and roll the keys if necessary) as if it was at
30              the time specified by timestamp.
31
32       -h, --help
33              Print the program help.
34
35       -V, --version
36              Print the program version.
37
38   Parameters
39       zone_name
40              A name of the zone to be signed.
41

EXIT VALUES

43       Exit status of 0 means successful operation. Any other exit status  in‐
44       dicates an error.
45

SEE ALSO

47       knot.conf(5), keymgr(8).
48

AUTHOR

50       CZ.NIC Labs <https://www.knot-dns.cz>
51

COPYRIGHT

53       Copyright 2010–2021, CZ.NIC, z.s.p.o.
54
55
56
57
583.1.4                             2021-11-04                      KZONESIGN(1)