Versions Compared

Old Version 1

changes.mady.by.user Chris Smith

Saved on

compared with

New Version Current

changes.mady.by.user The Force

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DOC and version HG-8.3.1

Configuring DNSSEC

Table of Contents

Enable DNSSEC for a Server

...

  • Make sure DNSSEC is enabled on the DNS server(s) you will be pushing zones to (see "Enable DNSSEC for a Server", above)
  • run configTest.php to make sure that your directories/permissions are correct
  • Set external server for Authenticated Data verification
  • Create/Edit a zone - see Working with DNS Zones - Common Tasks for additional information.
  • Ensure that the zone is associated with a DNS server(s)

Enabling DNSSEC (for a single zone)

Navigate to the DNS Tab, and select the DNS Groups section.

...

The DS records will be shown in a pop-up. Note these values for Registrar confirmation.

  

Update Registrar and Confirm

Once DS records have been created, you will need to update and confirm the Zone Registrar:

...

Your DNSSEC implementation may need other options for your environment - please contact support@6connect.com if support if you have any questions.

Please note that you will need to restart the BIND service after these changes.

...

Info
titleDNSSEC Signatures

In this scenario, ProVision uses the DNSSEC signing functions of the respective environment we write the zones to. We are evaluating how to properly integrate DNSSEC functions to ProVision for these platforms. Please Please  contact support@6connect.com support if you have feedback or specific questions.

Additional Information

For additional information on working in DNS, see the following sections: