- Simple DNS Plus
- Knowledge Base
- KB article #65
How to DNSSEC sign a zone with Simple DNS Plus
To sign a zone, in the DNS Records window, right click the zone in the left list and select "DNSSEC sign..." from the popup menu:
This brings up the "DNSSEC Sign Zone" dialog, which can be used both to sign the zone and/or to generate DS-records.
Specify a DNSSEC key file and click the "OK" button.
For details on creating and managing DNSSEC key files, please see the reference article below.
If you had the "Generate and display a list of DS-records..." option checked, a dialog with the generated DS-records (if any) will be displayed. You can copy this text (standard zone file format) for inclusion in the parent zone:
Signing a zone will remove any existing DNSSEC signatures records, and add new DNSSEC records to the zone:
The zone is now DNSSEC signed.
Make sure to re-sign the zone after making ANY changes to it.
For more information, please see the following knowledge base articles: