SYNOPSIS

       ldns-signzone [ OPTION ] ZONEFILE KEY [KEY [KEY] ...  ]

DESCRIPTION

       ldns-signzone  is  used  to  generate a DNSSEC signed zone. When run it
       will create a new  zonefile  that  contains  RRSIG  and  NSEC  resource
       records,  as  specified in RFC 4033, RFC 4034 and RFC 4035. It will add
       the DNSKEY(s) that is/are used to sign the zone.

       Keys must be specified by their base name (i.e. without .key and  .pri-
       vate) and both the public and private key must be present in the speci-
       fied location. Multiple keys can be specified.

OPTIONS

       -e date
              Set expiration date of the signatures to this date,  the  format
              can be YYYYMMDD[hhmmss], or a timestamp.


       -i date
              Set  inception  date  of the signatures to this date, the format
              can be YYYYMMDD[hhmmss], or a timestamp.


       -f file
              Use this file to store the signed zone  in  (default  <original-
              file>.signed)


       -o origin
              Use  this  as  the origin of the zone, if it cannot be read from
              the zonefile

AUTHOR

       Written by the ldns team as an example for ldns usage.

REPORTING BUGS

       Report bugs to <ldns-team@nlnetlabs.nl>.

COPYRIGHT

       Copyright (C) 2005 NLnet Labs. This is free software. There is NO  war-
       ranty;  not  even  for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR-
       POSE.



                                  30 May 2005                 ldns-signzone(1)