etc/services - sync with NetBSD-8
[minix.git] / external / bsd / bind / dist / bin / dnssec / dnssec-revoke.html
blob9e2aa270e7341f66d603bee246738fbdbf0b2680
1 <!--
2 - Copyright (C) 2009, 2011, 2014 Internet Systems Consortium, Inc. ("ISC")
3 -
4 - Permission to use, copy, modify, and/or distribute this software for any
5 - purpose with or without fee is hereby granted, provided that the above
6 - copyright notice and this permission notice appear in all copies.
7 -
8 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
10 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
11 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
12 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
13 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
14 - PERFORMANCE OF THIS SOFTWARE.
15 -->
16 <!-- Id -->
17 <html>
18 <head>
19 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
20 <title>dnssec-revoke</title>
21 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
22 </head>
23 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
24 <a name="man.dnssec-revoke"></a><div class="titlepage"></div>
25 <div class="refnamediv">
26 <h2>Name</h2>
27 <p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
28 </div>
29 <div class="refsynopsisdiv">
30 <h2>Synopsis</h2>
31 <div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code> [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
32 </div>
33 <div class="refsect1" lang="en">
34 <a name="id2543397"></a><h2>DESCRIPTION</h2>
35 <p><span><strong class="command">dnssec-revoke</strong></span>
36 reads a DNSSEC key file, sets the REVOKED bit on the key as defined
37 in RFC 5011, and creates a new pair of key files containing the
38 now-revoked key.
39 </p>
40 </div>
41 <div class="refsect1" lang="en">
42 <a name="id2543409"></a><h2>OPTIONS</h2>
43 <div class="variablelist"><dl>
44 <dt><span class="term">-h</span></dt>
45 <dd><p>
46 Emit usage message and exit.
47 </p></dd>
48 <dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
49 <dd><p>
50 Sets the directory in which the key files are to reside.
51 </p></dd>
52 <dt><span class="term">-r</span></dt>
53 <dd><p>
54 After writing the new keyset files remove the original keyset
55 files.
56 </p></dd>
57 <dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
58 <dd><p>
59 Sets the debugging level.
60 </p></dd>
61 <dt><span class="term">-V</span></dt>
62 <dd><p>
63 Prints version information.
64 </p></dd>
65 <dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
66 <dd>
67 <p>
68 Specifies the cryptographic hardware to use, when applicable.
69 </p>
70 <p>
71 When BIND is built with OpenSSL PKCS#11 support, this defaults
72 to the string "pkcs11", which identifies an OpenSSL engine
73 that can drive a cryptographic accelerator or hardware service
74 module. When BIND is built with native PKCS#11 cryptography
75 (--enable-native-pkcs11), it defaults to the path of the PKCS#11
76 provider library specified via "--with-pkcs11".
77 </p>
78 </dd>
79 <dt><span class="term">-f</span></dt>
80 <dd><p>
81 Force overwrite: Causes <span><strong class="command">dnssec-revoke</strong></span> to
82 write the new key pair even if a file already exists matching
83 the algorithm and key ID of the revoked key.
84 </p></dd>
85 <dt><span class="term">-R</span></dt>
86 <dd><p>
87 Print the key tag of the key with the REVOKE bit set but do
88 not revoke the key.
89 </p></dd>
90 </dl></div>
91 </div>
92 <div class="refsect1" lang="en">
93 <a name="id2543544"></a><h2>SEE ALSO</h2>
94 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
95 <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
96 <em class="citetitle">RFC 5011</em>.
97 </p>
98 </div>
99 <div class="refsect1" lang="en">
100 <a name="id2543569"></a><h2>AUTHOR</h2>
101 <p><span class="corpauthor">Internet Systems Consortium</span>
102 </p>
103 </div>
104 </div></body>
105 </html>