Managing DS Records

Table of Contents


Locating the DS records page

To view and manage the delegation signer (DS) records for a domain, click on the DNSSEC tab on a domain’s management page, then click on the link in the DS Records section.

Manage DS Records link

Listing DS records

On the DS Records page, you will be able to see a list of the DS records currently provisioned for the domain.

List DS Records

Adding a DS record

On the DS records page, click .

Add DS Record

The Add DS Record page will load. The form fields shown on the Add DS record page will differ based on whether the TLD of the domain requires them to be set up with the DS-Data interface or the KEY-Data interface.

To add a DS record using the DS-Data interface

  1. Enter the DS record information.

    Add DS Record with DS Data

    • Algorithm: the algorithm used to generate the signature.

    • Keytag: a numerical value that identifies the referenced DNSKEY record.

    • Digest Type: the type of algorithm used to create the digest.

    • Digest: the hash value of the DNSKEY record, in hexadecimal format.

    Once you’re ready, click to create the record.

  2. The record is created and visible in the record list.

To add a DS record using the KEY-Data interface

  1. Enter the DS record information. The Flags and Protocol form fields will be pre-filled with the appropriate values.

    Add DS Record with Key Data

    • Algorithm: the algorithm used to generate the signature.

    • Public Key: public key of the Key-signing key of your zone signing configuration.

    Once you’re ready, click to create the record.

  2. The record is created and visible in the record list.

Removing a DS record

To remove an DS record

  1. In the DS records page, search for the record and click on the trash icon to delete it.

    Delete DS Record

  2. Confirm the dialog to delete the record.

  3. The record is deleted and no longer visible in the record list.