DNSSEC-Tools being migrated -- expect broken links.
The process to convert older wiki pages to our new site is not yet complete; please be patient while we work through the moving process. -- 2018-08-11



About. rollerd is a daemon application that automates the process of resigning a zone on a regular basis and can automate the process of KSK rollover using the safe and recommended practices. rollerd is designed to ensure authoritative zone administrators will not have to worry about properly performing the critical timing steps involved with updating a zone's KSKs. The rollctl command can be used to communicate with a running rollerd daemon.

Example of a rollerd Log File

Example of a rollerd Log File. Below is a rollerd log file. This was created with a "phase" log level, which only shows the changes in phase. This log file shows a single KSK rollover and a single ZSK rollover.

TODO / WishList

    TODO / WishList.
  • The ability to roll different keys using different parameters (eg, support rolling multiple keys independently where one key is using RSA-SHA1 and another is RSA-SHA256).