[deployment-guide/comm-rel: 419/727] Added the Updating Zone Keys section.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 13:00:00 UTC 2010
commit 2def01a462120728aa155bf036450fb3631930d8
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Wed Aug 18 15:53:49 2010 +0200
Added the Updating Zone Keys section.
en-US/The_BIND_DNS_Server.xml | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)
---
diff --git a/en-US/The_BIND_DNS_Server.xml b/en-US/The_BIND_DNS_Server.xml
index dc34cca..23a6203 100644
--- a/en-US/The_BIND_DNS_Server.xml
+++ b/en-US/The_BIND_DNS_Server.xml
@@ -1713,6 +1713,22 @@ zone reload up-to-date</screen>
The zone reload and thaw was successful.</screen>
</note>
</section>
+ <section id="s2-bind-rndc-sign">
+ <title>Updating Zone Keys</title>
+ <para>
+ To update the DNSSEC keys and sign the zone, use the <command>sign</command> command. For example:
+ </para>
+ <screen>~]# <command>rndc sign localhost</command></screen>
+ <para>
+ Note that to sign a zone with the above command, the <option>auto-dnssec</option> option has to be set to <literal>maintain</literal> in the zone statement. For instance:
+ </para>
+ <screen>zone "localhost" IN {
+ type master;
+ file "named.localhost";
+ allow-update { none; };
+ auto-dnssec maintain;
+};</screen>
+ </section>
<!-- TODO: Rewrite the information below.
<section id="s2-bind-rndc-options">
<title>Command Line Options</title>
More information about the docs-commits
mailing list