How do I set up DNSSEC?

The easiest way to set up DNSSEC (aka DS records) is if your hosting/nameserver provider supports DNSSEC (like CloudFlare, pictured below). Enable it there, then copy your DS record to use with your domain.

Please note that our own ns1/2/3/ nameservers do not support DNSSEC at this stage, so you will have to use an external nameserver/hosting provider and update your domain settings with their nameservers accordingly. You can access that in your domain dashboard under update nameservers.

There is also a few ccTLD registries that do not support DNSSEC at all. If you are having setup issues, let us know and we can check for you.

Once the external nameservers are in place, we can add the DS records for you. When logged in to your account, send us the DS record(s) details via our support form. This will provide the required security authentication.

In the CloudFlare example above, copy the relevant string of the DS record, which is everything after 3600 IN DS. That is the information you would send to us.

The DS record has to be in the format: [key tag] [algorithm] [digest type] [digest]

You can also try our beta function to add DNSSEC yourself. While logged in to your account, go to this page to set that up:<< domain.tld >>

Once set up, you can test your DNSSEC setup here: DNSSEC Debugger.

If you have questions or need further help, just let us know.


Was this article helpful?
0 out of 0 found this helpful