Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » internet » hosting » virtualmin_dns
Trace:
internet:hosting:virtualmin_dns

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
internet:hosting:virtualmin_dns [2019/04/04 10:01]
gcooper 		internet:hosting:virtualmin_dns [2019/04/04 11:06] (current)
gcooper
Line 144: Line 144:
   * **DNSSEC enabled?** Yes   * **DNSSEC enabled?** Yes
   * **DNSSEC response validation enabled?** Yes (automatic mode)   * **DNSSEC response validation enabled?** Yes (automatic mode)
 +
 +**Webmin -> Servers -> BIND DNS Server -> DNSSEC Key Re-Signing ->**
 +
 +  * **Automatic key re-signing enabled?** Yes
 +  * **Period between re-signs?** 21 days
  
 ==== For Newly Created Domains ==== ==== For Newly Created Domains ====
Line 149: Line 154:
 :!: Virtualmin will add DNSSEC records automatically to new domains as they are created. :!: Virtualmin will add DNSSEC records automatically to new domains as they are created.
  
-:!: You may need to enable DNSSEC in Webmin for this to work as advertised (see below).+**Virtualmin -> System Settings -> Server Tempates -> Default Settings -> BIND DNS domain ->**
  
-**Virtualmin -> System Settings -> Server Tempates -> Default Settings -> BIND DNS domain** +  * **Create DNSSEC key and sign new domains?** Yes 
- +  **DNSSEC cryptographic algorithm** RSASHA1 
-  * **Create DNSSEC key and sign new domains** +  * **Number of DNSSEC keys** Zone key and key-signing key 
-    Yes+
  
 ==== For Existing Domains ==== ==== For Existing Domains ====
  
-**Webmin -> Servers -> BIND DNS Server**+**Webmin -> Servers -> BIND DNS Server -> <Zone to Modify> -> Setup DNSSEC Key**
  
-  * **DNSSEC Verification** +  * **Key algorithm** RSASHA1 
-    * **Enable DNSSEC Verification**+  * **Key size** Average size 
 +  * **Number of keys to create** Zone key and key-signing key 
 +  * **Create and Add Key** 
 +  * **Apply Zone**
  
-{{ :internet:hosting:dnssec_verification.png?750 |}}+:!You can also remove, then recreate the key.
  
-  * **DNSSEC Key Re-Signing** +==== Examine DNSSEC Records ====
-    * Enable+
  
-{{ :internet:hosting:dnssec_key_re-signing.png?600 |}}+**Virtualmin -> <Domain/Zone> -> Server Configuration ->**
  
-**Webmin -> Servers -> BIND DNS Server -> <Zone to Modify>**+  * **DNS Options**  
 +    * You can see **DNSSEC zone keys** and registrar **DS records** here 
 +  * **DNS Records -> Manually Edit** 
 +    You can see DNSSEC records here
  
-  * **Setup DNSSEC Key*+**Force Virtualmin to regenerate all records**, if necessary:
-    * Create and Add Key +
-    * You can also removethen recreate the key +
-  * **Apply Zone**+
  
-**Virtualmin -> <Domain (Zone) to Modify> -> Server Configuration** +**Virtualmin -> <Domain/Zone> -> Server Configuration -> DNS Options -> Save** 
- +
-  * **DNS Options** +
-    * You can see DNSSEC zone keys here +
-  * **DNS Records** +
-    * You can see DNSSEC records here+
  
 ==== Testing DNSSEC ==== ==== Testing DNSSEC ====
Line 198: Line 199:
 http://manage.resellerclub.com/kb/answer/1909 http://manage.resellerclub.com/kb/answer/1909
  
-Get the information you need at one of these locations:+=== More DS Record Info === 
 + 
 +You can also get the information you need at one of these locations:
  
 <file> <file>
internet/hosting/virtualmin_dns.1554393685.txt.gz · Last modified: 2019/04/04 10:01 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki