Keys
TSIG (Transfer Signature) keys limit what hosts are allowed to synchronize zone files from the primary server. This page displays the keys currently used by DNS Server.
To create a new key:
- Click Create.
- Select Create key.
- Enter a key name and select an algorithm. DNS Server supports HMAC-MD5 and HMAC-SHA512 keys.
- Click Save to create the key.
To export a key:
Keys can be exported to a local computer.
- Select the key you wish to export.
- Click Export Key.
To import a key:
Keys can be imported from a local computer and added to the list of usable keys.
- Click Create.
- Select Import key.
- Choose a key file on the local computer and click Save.
To delete a key:
- Select the key you wish to delete.
- Click Delete.
Key file format rules:
- Implement the key statement format of Bind9.
- Key names can include 63 Unicode characters, including letters, numbers, and the following symbols: dashes (-), underscores (_), and dots (.). The name "rndc-key" is reserved for system use.
- Use an HMAC-MD5 or HMAC-SHA512 encryption algorithm.