FR: DNSSEC support in DA
- Thread starter interfasys
- Start date
SeLLeRoNe
Super Moderator
I suppose you would need to update CentOS to 5.7 (that actually is working perfectly with DA and ive update from 5.6 to 5.7 without any issue)
Regards
Regards
been playing with dnssec and bind 9.7 today following a howto it is not that hard to get a domain on dnssec set it up in about 15 minute ok was my first attempt so it can go quicker.
It worked like a charm after seting up did a dig and see what i needed to see.
Only problem so far is that if you make any change in the dns from the da webinterface the dnssec config is gone so +1 for dnssec support for me
It worked like a charm after seting up did a dig and see what i needed to see.
Only problem so far is that if you make any change in the dns from the da webinterface the dnssec config is gone so +1 for dnssec support for me
Richard G
Verified User
+1 here too.
pera
Verified User
+1 here too..
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
You have my vote to.
+1 for DNSSEC support
+1 for DNSSEC support
Arieh
Verified User
My domain provider offers the option for configuring DNSSEC, and they give https://www.dnssec-tools.org/wiki/index.php/Zonesigner as an example which can be used with bind.
At the end I think there should also be a way to get this automated, maybe the keys should be available at the DA API if/when it's implemented.
At the end I think there should also be a way to get this automated, maybe the keys should be available at the DA API if/when it's implemented.
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
So there is much support for DNSSEC in DirectAdmin.
How do you think, DirectAdmin?
How do you think, DirectAdmin?
freakie
Verified User
+1 for DNSSEC support.
Here in the Netherlands we have the most domains with DNSSEC enabled. I have got it working on a non DA machine. In order for general usage of DNSSEC we need support from DA.
Please enable DNSSEC support in DA through the control panel.
Here in the Netherlands we have the most domains with DNSSEC enabled. I have got it working on a non DA machine. In order for general usage of DNSSEC we need support from DA.
Please enable DNSSEC support in DA through the control panel.
I agree and the counter is still going up .nl is by far the leader in signed tld's the competition is offering it to customers now and are gaining new customers by offering dnssec and we cant. We allready recieves questions frmo customers about it.
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
Mailed DirectAdmin and it looks like it's gonna take a while.
They are busy with Custombuild 2.0 and more features, but are not started the development of a DNSSEC feature.
They are busy with Custombuild 2.0 and more features, but are not started the development of a DNSSEC feature.
Maniak
Verified User
+1
I would second all my fellow posters above. DNSSEC like many mechanisms such as SPF, DKIM has moved from good to have to have it as a necessity if you want to stay competitive. It is usually small details such as DNSSEC that would make the difference between a Hosting Provider and an outstanding Hosting Provider. We may well decide to write a script to support this feature, though we would prefer to have a native DA process to take care of it for us.
I would second all my fellow posters above. DNSSEC like many mechanisms such as SPF, DKIM has moved from good to have to have it as a necessity if you want to stay competitive. It is usually small details such as DNSSEC that would make the difference between a Hosting Provider and an outstanding Hosting Provider. We may well decide to write a script to support this feature, though we would prefer to have a native DA process to take care of it for us.
Petertjuh360
Verified User
- Joined
- Nov 7, 2010
- Messages
- 340
The number of DNSSEC signed domains will improve huge if DirectAdmin comes out with this function.
Tristan
Verified User
+1 for DNSSEC support in Direct admin.
almost implemented
First of all i hope Directadmin will implement DNSSEC soon, but for now I'm workin myself on implementing DNSSEC for my Directadmin Servers.
For now a lot is working already
1. the zones are signed
2. named uses the signed zonefiles
3. directadmin resign the zones on DNS changes made bij DirectAdmin (users)
the problem i'm working on is how to transfer the private key's to other Directadmin servers trough the multi-server-setup because:
- multiple DNS servers uses the same signed zones
- on changes of DNS zones the resigned zone uses the same private key's as the rest of my DNS servers
TODO:
- updating the parent zone with the current/new public key(s) (this will be an custom script, different for every registry)
- transfering the private keys to the rest of my Directadmin Servers.
First of all i hope Directadmin will implement DNSSEC soon, but for now I'm workin myself on implementing DNSSEC for my Directadmin Servers.
For now a lot is working already
1. the zones are signed
2. named uses the signed zonefiles
3. directadmin resign the zones on DNS changes made bij DirectAdmin (users)
the problem i'm working on is how to transfer the private key's to other Directadmin servers trough the multi-server-setup because:
- multiple DNS servers uses the same signed zones
- on changes of DNS zones the resigned zone uses the same private key's as the rest of my DNS servers
TODO:
- updating the parent zone with the current/new public key(s) (this will be an custom script, different for every registry)
- transfering the private keys to the rest of my Directadmin Servers.