Viewing the zones linked to a DNSSEC signing policy - BlueCat Integrity - 9.5.0

Address Manager Administration Guide

Product name
BlueCat Integrity

Use the DNSSEC signing policy’s Linked Objects tab to view the list of DNS zones and reverse zones to which the policy is linked. A signing policy may be linked to DNS zones, IPv4 blocks, and IPv4 networks.

From this tab, you can also disable signing and unsecure zones and reverse zones.

  • Disable Signing — shuts off signing for a zone but leaves its DNSSEC keys in place and the signing policy linked to the zone.
  • Unsecure — shuts off zone signing, removes all DNSSEC keys, and unlinks the signing policy from the zone.

After you disable signing or unsecure a zone, you can re-enable signing or assign a new signing policy from the zone’s DNSSEC tab.

To view zones and reverse zones signed by the DNSSEC signing policy:

  1. Select the Administration tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Administration page.
  2. Under General, click DNSSEC Policy Management.
  3. Under DNSSEC Signing Policies, click the name of a signing policy. The Details tab for the policy opens.
  4. Click the Linked Objects tab. The Linked Objects section opens.
    The Linked Objects section lists the zones, blocks, and networks signed by the policy.
    • Object—lists the names of the objects linked to the signing policy. To view an object, click the object name.
    • Signed—indicates if the object is currently signed. A signing policy may be linked to an object, but signing doesn't need to be enabled. Yes indicates that the object is signed; No indicates that the object isn't signed.
  5. To view an object, click the name of the object.