Where to obtain DNSSEC key tag?
849 views
Skip to first unread message
kester...@gmail.com
Mar 16, 2017, 11:18:12 AM3/16/17
to cloud-dns-discuss
Hi,
I have enrolled in the DNSSEC alpha program and enabled DNSSEC on a zone. It is my understanding that I need to configure a DS record, but I'm unable to obtain the information I need to do so. In particular, I need to know what the key tag is.
This is what I've tried:
1) I've tried clicking the registrar information link in the confirmation dialog message when enabling DNSSEC on a zone, but it points to an invalid URL: https://console.cloud.google.com/%7Bthis.panDocUrlService_.getUrl(DocUrls.DNS_REGISTRARS_ADD_DS)%7D
2) I have tried using the link provided in the Alpha Cloud Docs PDF to view DS record information, but this link is not publicly accessible (https://cloud-dot-devsite.googleplex.com/dns/registrars#add-ds).
3) I've tried using the "Registrar Setup" link in the Cloud Platform Console. It shows me an "NS" section which lists nameservers, and a "DS" section which is empty and does not look like the screen shot in the PDF.
4) I've tried using the "gcloud alpha dns dnskeys list" command mentioned in the PDF. It returns an error:
"ERROR: (gcloud.alpha) Invalid choice: 'dns'." I've tried using the same command without 'alpha' which also returns an error: "ERROR: (gcloud.dns) Invalid choice: 'dnskeys'."
Is anyone able to give me some pointers in this matter?
Kind regards,
Kester
I have enrolled in the DNSSEC alpha program and enabled DNSSEC on a zone. It is my understanding that I need to configure a DS record, but I'm unable to obtain the information I need to do so. In particular, I need to know what the key tag is.
This is what I've tried:
1) I've tried clicking the registrar information link in the confirmation dialog message when enabling DNSSEC on a zone, but it points to an invalid URL: https://console.cloud.google.com/%7Bthis.panDocUrlService_.getUrl(DocUrls.DNS_REGISTRARS_ADD_DS)%7D
2) I have tried using the link provided in the Alpha Cloud Docs PDF to view DS record information, but this link is not publicly accessible (https://cloud-dot-devsite.googleplex.com/dns/registrars#add-ds).
3) I've tried using the "Registrar Setup" link in the Cloud Platform Console. It shows me an "NS" section which lists nameservers, and a "DS" section which is empty and does not look like the screen shot in the PDF.
4) I've tried using the "gcloud alpha dns dnskeys list" command mentioned in the PDF. It returns an error:
"ERROR: (gcloud.alpha) Invalid choice: 'dns'." I've tried using the same command without 'alpha' which also returns an error: "ERROR: (gcloud.dns) Invalid choice: 'dnskeys'."
Is anyone able to give me some pointers in this matter?
Kind regards,
Kester
cloud-dns-discuss
Mar 16, 2017, 11:28:08 AM3/16/17
to cloud-dns-discuss, kester...@gmail.com
Hi Kester -
Unfortunately our UI currently has a known issue displaying the DNSSEC DS records; it should be fixed shortly. (It's actually been fixed already; deployment is pending.)
In the meantime the 'gcloud alpha' command should work. Have you installed the alpha package? The instructions can be found in the acceptance email and refer to adding a component repository JSON file, then running 'update'. That should get the 'alpha dns' commands working.
Thank you for testing DNSSEC!
-Robert Mead, on behalf of the Cloud DNS team.
kester...@gmail.com
Mar 20, 2017, 11:07:23 AM3/20/17
to cloud-dns-discuss, kester...@gmail.com, cloud-dn...@googlegroups.com
Thanks, I had overlooked the part about adding a repository. I've got DNSSEC all set up now.
Op donderdag 16 maart 2017 16:28:08 UTC+1 schreef cloud-dns-discuss:
Op donderdag 16 maart 2017 16:28:08 UTC+1 schreef cloud-dns-discuss:
Reply all
Reply to author
Forward
0 new messages