--- a/dnssec-killkey Thu Aug 12 10:18:58 2010 +0200
+++ b/dnssec-killkey Fri Aug 13 10:09:37 2010 +0200
@@ -38,6 +38,7 @@
my $zone;
my @status;
my @auto;
+my @manu;
my @old_zone_content;
my @new_zone_content;
chomp( my $now_time = `date +%s` ); # aktuelle unixzeit
@@ -57,24 +58,27 @@
if ( -e "$zdir/dsset-$zone." ) { unlink "$zdir/dsset-$zone." }
if ( -e "$zdir/keyset-$zone." ) { unlink "$zdir/keyset-$zone." }
for (`ls $master_dir/$zone/K*[key,private]`) { unlink $_ }
- }
-
- open( ZONE, "$master_dir/$zone/$zone" )
- or die "$master_dir/$zone/$zone: $!\n";
- @old_zone_content = <ZONE>;
- close(ZONE);
- for (@old_zone_content) {
- unless (/dnssec-(ksk|zsk)/) {
- push @new_zone_content, $_;
+ print "keys removed \n";
+
+ open( ZONE, "$master_dir/$zone/$zone" )
+ or die "$master_dir/$zone/$zone: $!\n";
+ @old_zone_content = <ZONE>;
+ close(ZONE);
+
+ for (@old_zone_content) {
+ unless (/dnssec-(ksk|zsk)/) {
+ push @new_zone_content, $_;
+ }
}
- }
- open( ZONE, ">$master_dir/$zone/$zone" )
- or die "$master_dir/$zone/$zone: $!\n";
- print ZONE @new_zone_content;
- close(ZONE);
-
+ open( ZONE, ">$master_dir/$zone/$zone" )
+ or die "$master_dir/$zone/$zone: $!\n";
+ print ZONE @new_zone_content;
+ close(ZONE);
+
+ push @manu, $zone;
+ }
}
# beendet den key-rollover
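Review bot: The relocated rewrite still truncates the live zone file in place through a two-argument `open( ZONE, ">$master_dir/$zone/$zone" )` on a bareword handle, and neither `print ZONE` nor `close(ZONE)` is checked, so a failed write (full disk, I/O error) leaves a truncated zone file with no error reported. Since these lines are being touched anyway, I would switch both opens to the three-argument form with a lexical handle, e.g. `open( my $zone_fh, '>', "$master_dir/$zone/$zone" ) or die "$master_dir/$zone/$zone: $!\n";`, and end with `close($zone_fh) or die "$master_dir/$zone/$zone: $!\n";`. That also stops the mode from being derived from the interpolated path. Separately, `@new_zone_content` is declared once at file scope and is not emptied here; the enclosing block starts outside the hunk, so if it runs once per zone the array may carry records from a previous zone into the next file. That needs checking, and a `@new_zone_content = ();` before the filter loop would rule it out.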
@@ -228,3 +232,10 @@
print "$master_dir/$zone/$zone wurde neu erstellt \n";
}
+
+# "toucht" alle zonen damit der serial erhoht wird und die
+# zone neu signiert wird
+for ( &del_double( @auto, @manu ) ) {
+ system "touch $master_dir/$_/$_";
+}
+
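Review bot: `system "touch $master_dir/$_/$_";` passes a single interpolated string to the shell, so a zone name containing whitespace or shell metacharacters is interpreted by the shell rather than treated as a path, and the exit status is ignored. The list form avoids the shell and reports failures: `system( 'touch', "$master_dir/$_/$_" ) == 0 or warn "touch $master_dir/$_/$_ failed\n";`. Where the zone names in `@auto` and `@manu` come from is not visible in this hunk, so this is hardening unless they can be influenced from outside. The comment above the loop could also say that a failed touch means the zone is not re-signed.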