How to use DNSSEC

hello
Is there any manual or information on where or how they generate the keys for dnssec in hetiacp in Ubuntu 22?
I want to be able to use dnssec on my domains but I see how to generate the data.

note: my servers are configured to a single DNS cluster
Captura

regards

Have a look at the docs, it should explain all: DNS clusters and DNSSEC | Hestia Control Panel

hello
Where do I find this option in the panel?

If the option is not available then it might be not supported by OS or not setup correctly

I have installed:
Hestia Control Panel v1.8.7
Ubuntu 22.04 (x86_64)

/etc/bind/named.conf.options
dnssec-validation auto;

Do I have to do some configuration to activate it?
regards

¿¿??

The link you sent me is the manual that I am following but I do not have the DNSSEC option in my Hestia panel
Captura

Are you sure in hestia.conf DNS_CLUSTER_SYSTEM is changed to Hestia-zone?

DNS_CLUSTER_SYSTEM=‘hestia-zone’

Finally I was able to implement it successfully, I had the file /etc/bind/named.conf.options
with incorrect configuration.

It’s already working.
thanks

Could you explain what changes you made to the configuration file /etc/bind/named.conf.options

See DNS clusters and DNSSEC | Hestia Control Panel

2 Likes

I followed the master-slave guide to the T and still do not have the checkbox.
Running /usr/local/hestia/bin/v-sync-dns-cluster exits with success.

It clearly says to only switch to hestia-zone for the slave, right?
This should be clarified in the conversion docs further bewlow as well.

It should be changed on the master …

  1. In /usr/local/hestia/conf/hestia.conf, change DNS_CLUSTER_SYSTEM='hestia' to DNS_CLUSTER_SYSTEM='hestia-zone'.

Thanks, it works now!

The the docs need to be adjusted, it is only mentioned in Preparing your Slave server(s):

Can this be done on a both servers that are acting as both master/slave and master/slave?

" 'DNS_CLUSTER_SYSTEM=‘hestia-zone’` "

I have tested this out on some test servers they seem to work but im not sure if it will cause any problems down the line, would like your feedback @eris