DNS Sec Public

razrdj

• February 21, 2017 12:10

I would like to enable DNSSEC on my domain, the registrar is requesting the following information: - Key Tag - Algorithm - Flags -> Can choose between KSK or ZSK - Public Key When I click on the DNS Sec link in cPanel, cPanel provides me the following information: - Key Tag - Algorithm - Digest Type - Digest What am I supposed to select as flag and Public Key?

• 

  cPanelMichael

  • February 21, 2017 17:48

  Hello, You'd choose KSK at your registrar and then use the command line to find the public key:
  pdnssec show-zone domain.com
  The key output should should resemble this:
  KSK DNSKEY = example.com IN DNSKEY 257 3 8 AwEAAa2vycAp3tqgqxXP8Q7TYlWGgUzLMPG/e/zzH3feFA1y1JbXKo0tlM/D6HG+aKrEBottuVIzmtIQcCBhxbDo69MrZ+OsUb1Elbf3ryEKrECRZegG1hjVfR82DDVJFoNYKZPsPSlmLOdbCze+2/liv954U7UayN0Bt1TiYtX9mXJEltkVODaxm4xnr+T49aKN3cC2htZ2Kv+wsmEEgfF403uGx08yvBYaEFj4Um7+Ll1JE/I8R2piwzCxBWkZv1ioDNxKxvS90A5E/GDDRc/91VJeQDKSj412dA/810W6bEhAfXf5EzJT/Usdo+Xo93sf+pM1muFb85ha4VvRFXVJ7nc= ; ( RSASHA256 )
  Let us know if this helps. Thank you.

  0
• 

  Foellie

  • December 04, 2019 07:48

  I am facing this same issue. And pdnssec is not available on any of my servers... How can I get the public key ? edit: found it! pdnssec is now pdnsutil, so the correct command is now:
  pdnsutil show-zone domain.com
  

  0
• 

  tkraus

  • January 16, 2020 16:11

  Hello, How can I get the dnssec public key in CPanel webinterface without accessing ssh ?

  0

Please sign in to leave a comment.