DnsServerSigningKey class

Represents a signing key for zone signing and key signing on a DNS server.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.

Syntax

[ClassVersion("1.0.0"), dynamic, provider("DnsServerPSProvider"), AMENDMENT]
class DnsServerSigningKey
{
  String   ZoneName;
  String   KeyId;
  String   KeyType;
  String   CurrentState;
  String   KeyStorageProvider;
  boolean  StoreKeysInAD;
  String   CryptoAlgorithm;
  Uint32   KeyLength;
  datetime DnsKeySignatureValidityPeriod;
  datetime DSSignatureValidityPeriod;
  datetime ZoneSignatureValidityPeriod;
  datetime InitialRolloverOffset;
  datetime RolloverPeriod;
  String   RolloverType;
  String   NextRolloverAction;
  datetime LastRolloverTime;
  datetime NextRolloverTime;
  String   CurrentRolloverStatus;
  String   ActiveKey;
  String   StandbyKey;
  String   NextKey;
};

Members

The DnsServerSigningKey class has these types of members:

Properties

The DnsServerSigningKey class has these properties.

ActiveKey

Data type: String

Access type: Read/write

A pointer string for the active key.

CryptoAlgorithm

Data type: String

Access type: Read/write

The type of DNSSEC signature generation algorithm used by the key.

The possible values are:

RsaSha1 ("RsaSha1")

RsaSha1NSec3 ("RsaSha1NSec3")

RsaSha256 ("RsaSha256")

RsaSha512 ("RsaSha512")

ECDsaP256Sha256 ("ECDsaP256Sha256")

ECDsaP384Sha384 ("ECDsaP384Sha384")

CurrentRolloverStatus

Data type: String

Access type: Read-only

The rollover status of the key.

The possible values are:

NotRolling ("NotRolling")

Queued ("Queued")

RollStarted ("RollStarted")

ZskWaitingForDnsKeyTtl ("ZskWaitingForDnsKeyTtl")

ZskWaitingForMaxZoneTtlKskWaitingForDSUpdate ("ZskWaitingForMaxZoneTtlKskWaitingForDSUpdate")

KskWaitingForDSTtl ("KskWaitingForDSTtl")

KskWaitingForDnsKeyTtl ("KskWaitingForDnsKeyTtl")

WaitingForRFC5011RemoveHoldDown ("WaitingForRFC5011RemoveHoldDown")

RollError ("RollError")

CurrentState

Data type: String

Access type: Read-only

The state of the key.

The possible values are:

Active ("Active")

Retired ("Retired")

DnsKeySignatureValidityPeriod

Data type: datetime

Access type: Read/write

The duration in which the signatures that cover DNSKEY record sets are valid.

DSSignatureValidityPeriod

Data type: datetime

Access type: Read/write

The duration in which the signatures that cover DS record sets are valid.

InitialRolloverOffset

Data type: datetime

Access type: Read/write

The duration for which the first scheduled key rollover is delayed. This allows key rollovers to be staggered.

KeyId

Data type: String

Access type: Read-only

The unique identifier of the key.

KeyLength

Data type: Uint32

Access type: Read/write

The length, in bits, of the key. The length ranges from 1024 to 4096, in 64-bit increments.

KeyStorageProvider

Data type: String

Access type: Read/write

The Key Storage Provider (KSP) used to generate keys.

KeyType

Data type: String

Access type: Read/write

The type of the key.

The possible values are:

ZoneSigningKey ("ZoneSigningKey")

KeySigningKey ("KeySigningKey")

LastRolloverTime

Data type: datetime

Access type: Read-only

The time at which the last rollover event was performed.

NextKey

Data type: String

Access type: Read/write

A pointer string for the next key. This key will be used during the next key rollover event.

NextRolloverAction

Data type: String

Access type: Read/write

The action to take for the next key rollover event.

The possible values are:

Normal ("Normal")

RevokeStandby ("RevokeStandby")

Retire ("Retire")

NextRolloverTime

Data type: datetime

Access type: Read-only

The time at which the next rollover action must take place.

RolloverPeriod

Data type: datetime

Access type: Read/write

The duration between scheduled key rollovers.

RolloverType

Data type: String

Access type: Read-only

The key rollover type.

The possible values are:

DoubleSignature ("DoubleSignature")

Prepublish ("Prepublish")

StandbyKey

Data type: String

Access type: Read/write

A pointer string for the standby key.

StoreKeysInAD

Data type: boolean

Access type: Read/write

true if the key is stored in a zone object in Active Directory; otherwise, false.

ZoneName

Data type: String

Access type: Read-only

The name of the zone to which the key is assigned.

ZoneSignatureValidityPeriod

Data type: datetime

Access type: Read/write

The duration in which the signatures that cover all other record sets are valid.
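The following added example (not part of the original reference and not Microsoft's code) audits signing-key objects using the CryptoAlgorithm, KeyLength, KeyType and CurrentRolloverStatus values listed above. The function name Test-SigningKey, the 2048-bit RSA minimum, the treatment of the SHA-1 algorithms as weak, the reading of the DS-update status for a key signing key, and the sample objects are assumptions of this example.

```powershell
# Policy thresholds: assumptions of this example, not values from the class reference.
$WeakAlgorithms  = 'RsaSha1', 'RsaSha1NSec3'   # SHA-1 based signing algorithms
$MinRsaKeyLength = 2048                         # assumed minimum RSA key size, in bits

function Test-SigningKey {                      # hypothetical helper name
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)] [object] $Key)
    process {
        $findings = @()
        if ($Key.CryptoAlgorithm -in $WeakAlgorithms) {
            $findings += "SHA-1 based algorithm ($($Key.CryptoAlgorithm))"
        }
        # KeyLength is only checked for RSA; the ECDsa algorithms fix the curve size.
        if ($Key.CryptoAlgorithm -like 'Rsa*' -and $Key.KeyLength -lt $MinRsaKeyLength) {
            $findings += "RSA key length $($Key.KeyLength) is below $MinRsaKeyLength bits"
        }
        if ($Key.CurrentRolloverStatus -eq 'RollError') {
            $findings += 'key rollover failed (RollError)'
        }
        # Assumed reading of the combined status value when it appears on a KSK.
        if ($Key.KeyType -eq 'KeySigningKey' -and
            $Key.CurrentRolloverStatus -eq 'ZskWaitingForMaxZoneTtlKskWaitingForDSUpdate') {
            $findings += 'KSK rollover is waiting for the DS record update'
        }
        foreach ($f in $findings) {
            [pscustomobject]@{ ZoneName = $Key.ZoneName; KeyId = $Key.KeyId
                               KeyType  = $Key.KeyType;  Finding = $f }
        }
    }
}

# Constructed sample objects that carry only the properties the checks read.
$sample = @(
    [pscustomobject]@{ ZoneName = 'example.test'; KeyId = 'constructed-key-1'
        KeyType = 'KeySigningKey'; CryptoAlgorithm = 'RsaSha256'; KeyLength = 2048
        CurrentRolloverStatus = 'ZskWaitingForMaxZoneTtlKskWaitingForDSUpdate' }
    [pscustomobject]@{ ZoneName = 'example.test'; KeyId = 'constructed-key-2'
        KeyType = 'ZoneSigningKey'; CryptoAlgorithm = 'RsaSha1'; KeyLength = 1024
        CurrentRolloverStatus = 'RollError' }
    [pscustomobject]@{ ZoneName = 'example.test'; KeyId = 'constructed-key-3'
        KeyType = 'ZoneSigningKey'; CryptoAlgorithm = 'ECDsaP256Sha256'; KeyLength = 256
        CurrentRolloverStatus = 'NotRolling' }
)
$sample | Test-SigningKey | Format-Table -AutoSize   # 4 findings: 1 for key-1, 3 for key-2

# On a DNS server, feed it real DnsServerSigningKey objects instead:
# Get-DnsServerZone | Where-Object IsSigned |
#     ForEach-Object { Get-DnsServerSigningKey -ZoneName $_.ZoneName } | Test-SigningKey
```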

Requirements

Minimum supported client: None supported

Minimum supported server: Windows Server 2012

Namespace: Root\Microsoft\Windows\Dns

MOF: DnsServerPSProvider.mof

DLL: DnsServerPSProvider.dll

See also

DnsServerPSProvider Provider