diff --git a/files/dnssec-init b/files/dnssec-init
index cfd113d..abe50e2 100644
--- a/files/dnssec-init
+++ b/files/dnssec-init
@@ -6,14 +6,9 @@ DOMAIN="$3"
 KEY_DIRECTORY="${4:-${CACHEDIR}/${NAME}}"
 RANDOM_DEVICE="$5"
 NSEC3_SALT="$6"
+ZONE_FILE="$7"
 PATH=/bin:/sbin:/usr/bin:/usr/sbin
-if [ "${DOMAIN}" == "." ]; then
- ZONE_FILE=root
-else
- ZONE_FILE="${DOMAIN}"
-fi
-
 dnssec-keygen -a RSASHA256 -b 1024 -r "${RANDOM_DEVICE}" -K "${KEY_DIRECTORY}" "${DOMAIN}"
 dnssec-keygen -a RSASHA256 -b 2048 -r "${RANDOM_DEVICE}" -f KSK -K "${KEY_DIRECTORY}" "${DOMAIN}"
diff --git a/manifests/zone.pp b/manifests/zone.pp
index a5a506c..10b7cfb 100644
--- a/manifests/zone.pp
+++ b/manifests/zone.pp
@@ -126,7 +126,8 @@ define bind::zone (
 if $dnssec {
 exec { "dnssec-keygen-${name}":
 command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}'\
- '${_domain}' '${key_directory}' '${random_device}' '${nsec3_salt}'",
+ '${_domain}' '${key_directory}' '${random_device}' '${nsec3_salt}'\
+ '${zone_file}'",
 cwd => $cachedir,
 user => $bind_user,
 creates => "${cachedir}/${name}/${zone_file}.signed",
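Review bot: `ZONE_FILE="$7"` is accepted with no default and no check, so any caller that still passes six arguments leaves it empty, where the removed block always produced `root` or the domain name. The places that use ZONE_FILE are outside this hunk, but if it names the zone or signed file, an empty value or one containing `/` would make the script read or write a path other than the intended one as the bind user. I would fail fast with `ZONE_FILE="${7:?zone file name required}"` and reject path separators with `case "${ZONE_FILE}" in */*) echo "invalid zone file name" >&2; exit 1;; esac`. Separately, the unchanged context line still generates the zone-signing key at 1024 bits of RSA, which is worth raising in a follow-up.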
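Review bot: `'${zone_file}'` is interpolated into the command string inside single quotes with no escaping, like the arguments before it, so a value containing `'` ends the quoted word and the remainder is parsed as extra arguments or, if the command reaches a shell, as shell syntax run as `$bind_user`. The same value also builds the `creates` path, where `/` or `..` would point outside `${cachedir}/${name}`. The parameter list of `bind::zone` is outside this hunk, so I cannot see whether `$zone_file` is already constrained; if it is not, validate it against a filename pattern such as `/\A[A-Za-z0-9][A-Za-z0-9._-]*\z/` before the exec. On Puppet versions where `exec` accepts an array for `command`, passing the arguments as array elements would remove the quoting problem altogether.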