Command Line Interface Reference Guide > The SLB Configuration Menu
/cfg/slb/gslb/dnssec/key
DNSSEC Key Menu
 
[DNSSEC Key Menu]
     ID - Set key ID
     generate - Generate new key
     expire - Set key expiration period
     rollover - Set key rollover period
     sigvalid - Set key signature validity period
     sigpub - Set key signature publication period
     del - Delete key
     ena - Enable entry
     dis - Disable entry
     cur - Display current key configuration
 
Global SLB DNSSEC Key Menu (/cfg/slb/gslb/dnssec/key) 
Command Syntax and Usage
ID
 
Sets the key ID.
Values: 1–32 characters
generate zsk|ksk
 
Generates a new key after you respond to the following wizard prompts:
Enter key type (KSK or ZSK) [KSK|ZSK] [ZSK]:
Should the key be enabled (yes/no)? [yes|no] [yes]:
Enter key size (1024, 2048 or 4096) [1024|2048|4096] [1024]:
Enter key hash algorithm (encryption is always RSA) [RSA-SHA1|RSA-SHA256|RSA-SHA512] [RSA-SHA1]:
Enter key ttl in seconds (0-86400) [86400]:
Enter key expiration in seconds (0-473040000) [2419200]:
Enter key rollover period in seconds (0-473040000) [604800]:
Enter key signature validity period in seconds (3600-473040000) [604800]:
Enter key signature publication period in seconds (3600-473040000) [302400]:
Note: Radware recommends that you set ZSK expiration to one month, and KSK expiration to one year.
expire
 
Sets the key expiration period.
rollover
 
Sets the key rollover period.
sigvalid
 
Sets the key signature validity period.
sigpub
 
Sets the key signature publication period.
del
 
Deletes the key.
ena
 
Enables the entry.
dis
 
Disables the entry.
cur
 
Displays the current key configuration.