We have already talked about the DNSSEC protocol in the previous post, now we will talk about how to configure the DNS of the domain to activate the DNSSEC protocol, using the cPanel management panel that manages its hosting.
Before proceeding with the configuration from our panel, it is very important to make sure that:
- The domain TLD can handle the DNSSEC protocol
- The Registrar / provider gives the possibility to configure and manage the DNSSEC protocol
By asking directly to the source, the Registrar and / or your Hosting provider.
In some cases, if the domain is maintained through the hosting provider, it is certainly possible to manage the DNS, however it is very likely that the management of the DNSSEC is feasible only indirectly, this is because the domain is maintained by a registrar that does not give access to the DNSSEC management.
In this case, the hosting provider will have to act as an intermediary by configuring all the keys and strings necessary to activate the DNSSEC on the domain, at the registrar.
Having established the availability of the provider and / or registrar, it is necessary to configure the keys for the DNSSEC protocol from the cPanel management panel
Configuration from cPanel
- From [DOMAINS] we select Zone Editor
- To obtain the domain concerned, select the [DNSSEC] icon identified with the graphic of a padlock
- We select the BLUE icon on the right side with the indication [+ CREATE KEY]
- At this point we can choose whether to customize the configuration in detail from the [Customize] button or using the fastest way from the BLUE button [CREATE]
- What should we create? The CSK – KSK – ZSK keys
This cPanel TV tutorial describes the path better
Domain configuration ( Registrar )
The next step is to enter the information of the keys generated on the DNS server side with Plesk, in our domain management panel, on the registrar side, or communicate it to our hosting provider so that it can act as an intermediary for its configuration.
The configuration methods and fields as well as the nomenclatures may vary from registrar to registrar, however the necessary and required information is the same.
Once the configurations have been completed, on the DNS side and Registrar side, we just have to wait for the DNS propagation and then verify the correct functioning