I have inherited a DNS server running BIND that is the master for one zone, it is DNSSEC-signed. For various reasons, I've decided to re-install this server as a new instance and enable inline-signing.
My primary issue is that this zone-file has been manually signed and include the RRSIG records for all RR records in said zone.
Is there a way to remove these RRSIG records (to "un-sign") and get a zone-file without DNSSEC resource-records that could then be used for inline-signing?
