Hi everyone, I need your help again, as I wasn’t able to complete DNSSEC.
As advised in this forum, I send my public DNSKEY and DSKEY to Netcup and asked them, to set those values for the affected domain. They refered to their backend, where users can set those values up themselves.
However, I’m not sure what parameters to select. Do you have any ideas? Thanks!
Yeah, this is needlessly complicated. We should improve our instructions. The problem is that the registrar-side interfaces vary wildly.
If you look at your DNSKEY record, it is something like
257 3 13 <long-string>
The first number is the flags value, the second is irrelevant (it is always 3 and usually registrars don’t ask for it), and the third nmber is the algorithm value. The rest of the record is the public key, for which your interface has a separate field at the top.