4.1. Zone Signing Key

Managing keys is an administrative task that the BIG-IP can do automatically. In order to sign zones, we must first create keys!

Navigate to: DNS ›› Delivery : Keys : DNSSEC Key List

Create zone signing key according the following table:

Setting	Value
Name	example.com_zsk
Type	Zone Signing Key
Key Management	Manual
Certificate	default.crt
Private Key	default.key

TMSH

tmsh create ltm dns dnssec key example.com_zsk key-type zsk certificate-file default.crt key-file default.key