Manual key generation - BlueCat Integrity - 26.1.0

Address Manager Administration Guide
ft:locale
en-US
Product name
BlueCat Integrity
Version
26.1.0

Use the Auto generate keys option when automatic key generation is disabled and you want to manually generate new keys for a signed DNS zone or reverse zone.

To be regenerated, keys must be within their Overlap interval as defined in the key parameters in the DNSSEC signing policy. For information on setting the Overlap interval, refer to Creating a DNSSEC signing policy.

Note: After generating new keys, you must deploy the configuration to re-sign the zone on your servers.

To generate new keys for a forward or reverse zone:

  1. Select the DNS or IPAM tab in the sidebar, then navigate to the forward zone or reverse zone for which you want to generate new keys.
  2. Select the DNSSEC tab.
  3. Select Actions > Auto generate keys.
  4. If new keys are generated, a message appears indicating that new keys are successfully generated. Proceed to step 5.
    If new keys are not generated, a window appears with a message indicating that new keys cannot be generated because the existing keys are valid. Select Close.
  5. After new keys are generated, deploy DNS.