• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Question Email: DNSSEC KSK rollover occurred in the DNS zone <domain>

M

MHC_1

Basic Pleskian
Server operating system version
Alma Linux
Plesk version and microupdate number
18
So we are getting emails from some imported domains stating:

Please copy these new DS resource records and add them to the parent zone:

<domain>. IN DS 52400 8 1 BAAE.......767FA3A28
<domain>. IN DS 52400 8 2 2E5C...........F044812E..............46E70973F9A0F035..........3C90B24F59
<domain>. IN DS 9170 8 1 E87...........B8F38BA3A81EB...........4106F6B3F
<domain>. IN DS 9170 8 2 16C401............2DD0D4E3A...............4158B93FB741284B8..........4EC38D8276E
Click to expand...

I assume the "parent" zone is the Server domain because the DNS is handled on the server for multiple client domains.

The admin of the previous server these came from said they had similar notices but just ignored them, and DNS seemed to retain / remain ok.

- What on a practical level do we need to do with the above notification?
- Is it handled automatically?
- If so/ if not can we turn off the notification if action is unneeded.
 
It is not handled automatically. The keys must be manually updated in the parent zone. If you are unsure where the parent zone is, you can use a tool like DNSViz. If the records are not updated you can experience DNS issues, so I wouldn't recommend ignoring the notification. The full doc:
 
Sebahat.hadzhi said:
It is not handled automatically. The keys must be manually updated in the parent zone. If you are unsure where the parent zone is, you can use a tool like DNSViz. If the records are not updated you can experience DNS issues, so I wouldn't recommend ignoring the notification. The full doc:
Click to expand...
Hello

If the DNS parent is on the same server , where/how would that parent domain be updated as per the email?

cheers
 
You must log in or register to reply here.

Similar threads

J
Resolved Can not add DS-records, domain is required field since update
Replies
3
Views
2K
Johndenkis
J
Azurel
Issue DNSSEC do not add entries in DNS Settings?
Replies
3
Views
1K
scsa20
scsa20
B
Issue Slave DNS servers not updating zone from target server after migrating domain from source server.
Replies
3
Views
1K
BigBlock
B
Thomas Wilhelmi
Issue DNSSEC on Ububtu 22.04 LTS
Replies
5
Views
3K
learning_curve
learning_curve
T
Resolved Email not working, DNS related maybe?
Replies
2
Views
709
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top