How to add DS record for domain registered with Route 53, but using Cloudflare NS servers?

1

Cloudflare gives me a DS record I should add with my registrar in order to enable DNSSEC, but I don't know how to do it.

Asked a year ago · 455 views
2 Answers
0

Please see the instructions here, under "Adding public keys for a domain": https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-configure-dnssec.html

Expert
Answered a year ago
  • It asks me to create KSK keys, but when I try to enable signing, I'm getting an error:

    Bad request. (HostedZonePartiallyDelegated 400: Hosted zone with ID 'Z07897512FQEE7PF1ZXU6' has NS records partially connected with its parent zone.)

    I can't spot anything related to adding the DS record Cloudflare asks for.

0

If you are getting a 400, that probably means you are creating the DS record for your domain in your own domain, not in the parent domain. For a subdomain, my understanding is that the DS should be created in its parent domain; for a root domain, the DS should be created in its parent TLD. E.g., the DS for example.com should go into the .com TLD, and the DS for subdomain.example.com should go into example.com.

The documentation link below did not help me, as I had a stale DS record from a previous registrar. https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-configure-dnssec.html

In your case, the old console might be able to provide a way to create a DS record for Cloudflare as required. If there is only one DS record, the issue should resolve for you. Do NOT remove other DS records if there are no other issues.

You can use troubleshooting tools to help navigate to a solution. Please post here if you were able to resolve your DNSSEC issue.

AWS has a new Route 53 console, and some options are missing compared to the old one. If you "Switch to old console" at the bottom left (while it is still available), there is a link "Manage keys" under "DNSSEC status" for your registered domain. The documentation was not updated for the new console.

I was able to add a DS record for my domain there.

Troubleshooting tools I used:

  • Linux command-line tool "dig", e.g. dig example.com DS @8.8.8.8
  • https://dnsviz.net
  • https://dnssec-analyzer.verisignlabs.com

omkar
Answered 4 months ago
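An added example, not part of the original thread: an offline check of the stale-DS situation the second answer describes, which recomputes DS values (RFC 4034 key tag and digest) from the child zone's DNSKEY lines and reports which parent-side DS lines match no current key. The function names are hypothetical and the records are constructed sample data; in practice the input lines would come from `dig example.com DS` and `dig example.com DNSKEY`.

```python
import base64, hashlib, struct

DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}  # DS digest types

def owner_wire(name):
    """Canonical wire form of the owner name (lowercase, length-prefixed labels)."""
    labels = [l for l in name.lower().split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def key_tag(rdata):
    """RFC 4034 Appendix B key tag (valid for every algorithm except 1)."""
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    return (acc + ((acc >> 16) & 0xFFFF)) & 0xFFFF

def make_ds(owner, rdata, digest_type=2):
    """DS fields (key tag, algorithm, digest type, hex digest) for DNSKEY RDATA."""
    digest = DIGESTS[digest_type](owner_wire(owner) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], digest_type, digest)

def parse_dnskey(line):
    """'owner ttl IN DNSKEY flags proto alg base64...' -> DNSKEY RDATA bytes."""
    f = line.split()
    i = f.index("DNSKEY")
    head = struct.pack("!HBB", int(f[i + 1]), int(f[i + 2]), int(f[i + 3]))
    return head + base64.b64decode("".join(f[i + 4:]))

def parse_ds(line):
    """'owner ttl IN DS tag alg type hex...' -> (tag, alg, type, digest)."""
    f = line.split()
    i = f.index("DS")
    return (int(f[i + 1]), int(f[i + 2]), int(f[i + 3]), "".join(f[i + 4:]).upper())

def classify(owner, ds_lines, dnskey_lines):
    """Split the parent's DS records into (matching, stale) against child DNSKEYs."""
    keys = [parse_dnskey(l) for l in dnskey_lines]
    matching, stale = [], []
    for ds in map(parse_ds, ds_lines):
        ok = ds[2] in DIGESTS and any(make_ds(owner, k, ds[2]) == ds for k in keys)
        (matching if ok else stale).append(ds)
    return matching, stale

# Constructed sample data: a 64-byte all-zero "key", not a real zone's records.
DNSKEYS = ["example.com. 3600 IN DNSKEY 257 3 13 " + "A" * 86 + "=="]
CURRENT = "example.com. 86400 IN DS {} {} {} {}".format(
    *make_ds("example.com.", parse_dnskey(DNSKEYS[0])))
LEFTOVER = "example.com. 86400 IN DS 12345 8 2 " + "AB" * 16 + " " + "CD" * 16

if __name__ == "__main__":
    print(classify("example.com.", [CURRENT, LEFTOVER], DNSKEYS))
```

A DS line that lands in the second list has no corresponding key in the zone's current DNSKEY set, which is what a record left behind by a previous DNS provider or registrar looks like.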
