How to enable DNSSEC for an InternetX domain
Summary
DNSSEC is a feature that you can enable on our name servers. DNSSEC adds an extra security layer to DNS resolving. With DNSSEC you are protected against for example DNS spoofing. This article describes how you can enable it for a domain.
Caution: The DNSSEC activation process can take up to 72 hours. During the activation you can not do any modifications to DNS or the domain itself.
Prerequisites
Make sure you can login to the InterNetX portal;
Make sure you have created a backup of the DNS records.
Getting Started
Login to the InterNetX portal.
Go to Domains → Portfolio.
Click on the domain.
In this example we are going to enable DNSSEC for “copacocloudtestdomain.nl”.Click on Addons.
Enable NodeSecure by clicking the slide bar. Check Auto-DNSSEC and Auto-provision NodeSecure checkboxes. Also accept the terms according to the data privacy by checking the checkbox.
The activation status will be displayed next to the Auto-DNSSEC feature.
The activation proces can take up to 72 hours.
When DNSSEC is activated the Auto-DNSSEC status is changed from Being activated to active.
If you like you can check if DNSSEC is active by executing the following command on a linux machine
CODEdelv "copacocloudtestdomain.nl" output: negative response, fully validated ; copacocloudtestdomain.nl. 900 IN \-A ;-$NXRRSET ; copacocloudtestdomain.nl. SOA ns1.nodesecure.com. do-not-reply.copacocloudtestdomain.nl. 2024084049 43200 7200 1209600 86400 ; copacocloudtestdomain.nl. RRSIG SOA ... ; 41nf0f7gtac5shn3ohvikksd3pcsln5p.copacocloudtestdomain.nl. NSEC3 1 0 0 - 41NF0F7GTAC5SHN3OHVIKKSD3PCSLN5P NS SOA RRSIG DNSKEY NSEC3PARAM ; 41nf0f7gtac5shncsln5p.copacocloudtestdomain.nl. RRSIG NSEC3 ..