Adding and Removing DS Records
Table of Contents
DS (Delegation Signer) records are used in DNSSEC to secure your domain.
Adding a DS record
DS records can only be manually added for domains not registered with DNSimple. For domains registered at DNSimple, DS records are automatically handled when DNSSEC is enabled.
-
Use the account switcher at the top of the page to select the appropriate account.
-
From your Domain Names list, click the domain name to access its management page.
-
Click the DNSSEC tab on the left.
-
Click Manage in the DS Records card.
-
On the DS Records page, click Add DS Record.
The form fields that appear will depend on the domain’s TLD. The system will show either the DS-Data or KEY-Data interface automatically.
Adding a DS record using the DS-Data interface
-
Enter the DS record information.
-
Algorithm: the algorithm used to generate the signature.
-
Keytag: a numerical value that identifies the referenced DNSKEY record.
-
Digest Type: the type of algorithm used to create the digest.
-
Digest: the hash value of the DNSKEY record, in hexadecimal format.
-
-
Click Add DS Record to create the record.
-
The record is created and visible in the record list.
Adding a DS record using the KEY-Data interface
-
Enter the DS record information. The Flags and Protocol form fields will be pre-filled with the appropriate values.
-
Algorithm: the algorithm used to generate the signature.
-
Public Key: public key of the Key-signing key of your zone signing configuration.
-
-
Click Add DS Record to create the record.
-
The record is created and visible in the record list.
To add a DS record with the DNSSEC API, check out our developer documentation.
Removing a DS record
Important
You can only manually remove a DS record if it is not managed by DNSimple. If DNSSEC is enabled and managed by DNSimple, the only way to remove the DS record is by disabling DNSSEC.
-
Use the account switcher at the top of the page to select the appropriate account.
-
From your Domain Names list, click the domain name to access its management page.
-
Click the DNSSEC tab on the left.
-
Click Manage in the DS Records card.
-
On the DS records page, search for the record, and click the trash icon to delete it.
-
Click Delete to delete the record.
-
The record is deleted and no longer visible in the record list.
To remove a DS record with the DNSSEC API, check out our developer documentation.
Have more questions?
If you have any questions or need help managing your DS records, just contact support, and we’ll assist you.