How to configure DNSSEC with your domain

Modified on Wed, 22 Feb 2023 at 02:27 PM

DNSSEC allows for a more safe internet. Configuring DNSSEC requires configuration in your control panel and with your domain For the first part, we have articles available for DNSSEC for Plesk and DNSSEC for DirectAdmin. For the second part, you can use this article.


Step 1 Find your domain in the client panel.

Step 2 On the left-side, click on the menu item DNSSEC Management.


Unable to find the DNSSEC Management button? Contact us!


Step 3 Click on Add a New DNSSEC Record

Step 4 Configure the two DNSKEYs:


In DNSSEC for Plesk or DNSSEC for DirectAdmin you have found the DNS KEYS. They may look like this:


domain.com. IN DNSKEY 257 3 8 AwEAAbpFHpYUogqAhJZE7COuINuuLiDWy9TJt+wRVvCF4NF1wpWCoLJq o8JN0IzHB4K4XL7IBJg+Xzwoun5B/QumDdrQw1dyNk77rkBmRsH5Yd0U r5cz2pCSSahCHv5NpzTokkYKY0LHqcAiQWEjEG9CTyqv/2jnWLK7gfQm xiOJj4EYY/ke/zkCfbUqMteoZ+/fof1bZa7yFQDo3cwlEmIhsBBf9vQa ngnx72Ph61tko/6IXQR1oZWlmjUySbrsZYkIC9N5A0C9eVbzVjdMuVUN LzVpQ6dRnDJ11rKIIGNoOo3Fdgvb6B3Vt+p9+QV4D0hBMnRAOTGuRdAg 2EQK7n4Tl+k=

; This is a key-signing key, keyid 52621, for samenspelen.net.

; Created: 20230222120418 (Wed Feb 22 12:04:18 2023)

domain.com. IN DNSKEY 257 3 8 AwEAAaz512SaSEAkCTn4ZdbjU+N4rLYTWshHzeK/3rIreOK7iB1gIdcU RmraIqXF1iZTepD+WqzrasOS3KsWowCyoysEWtIl/to/KhOyXgNc5xra 9h3FcbTVrIb/4hye+7vGuycfcBrOJ7Jj3NSVpi30nxB4/ty75Mqg3qP0 QvG3Sp3sooYyI1wMjLpEk5GwWBEiRubY3hva1asTpIPIgjhLuKZBaXbA 4crr9ZGxgNR2pyLAKaf5/ctoIwzxr6XfgqWKmEkcn5yvzMmHfuQVZhJE nF7PP/tEx6yppXH9gabM6yvOvc2Oy51qoUkSDeeghBPAbbZ1ZQOT1z1d RzmuuJcboIU=


The two rows we need start with domain.com. Each row is formatted like this:


domain.com. IN DNSSKEY {FLAG} 3  {ALGORITHM} {KEY}


{FLAG} can be 256 (ZSK) or 257 (KSK). Select the value in the dropdown in the client panel.

{ALGORITHM} reflects the number shown in the algorithm dropdown in the client panel.

The public key can be copy/pasted entirely in the public key field.


Each DNSKEY should be created in the client area and it may take up to 24 hours to be active.


Step 5 For both keys, click Save.


Please note that configuring the wrong key can bring your domain, website, e-mail and all domain related services offline.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article