[yadifa-users] Proper DNSSEC configuration in Yadifa

isp mline at ukr.net
Wed Jan 25 12:30:51 CET 2017

Hi guys, 

There is no documentation about how to configure DNSSEC in Yadifa. Reference manual has a limited amount of information for me, as I never worked with DNSSEC before. 

I've configured DNS zones which I maintain with dnssec-policy "normal-policy" , and I think it should be fine for now. As far as I understand Yadifa will re-create keys automatically and take care of signing zones. 
But I can't find DS record key which I should insert at my TLD registrant (GoDaddy) web-interface. 

As well I don't understand how I can differentiate ZSK from KSK keys in /var/yadifa/keys folder. 

I was following this article - https://www.digitalocean.com/community/tutorials/how-to-setup-dnssec-on-an-authoritative-bind-dns-server--2 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </archives/yadifa-users/attachments/20170125/d1d60cd9/attachment.html>

More information about the yadifa-users mailing list