Adding Delegation Signer (DS) Records

A Delegation Signer (DS) Record contains the digital signature information for your domain name's DNS and is used to identify the DNSSEC signing key of a delegated zone. DS Record(s) for your domain name can be managed from its Order Details view, within your Control Panel.

Note

Currently, Ghana Dot Com Ltd supports DS Record only for the following domain name extensions:

TLDs Suppporting DNSSEC

  • .COM

  • .NET

  • .ORG

 

Adding a DS Record

  1. Login to your Control Panel, search for the domain name and proceed to the Order Information view. See details

  2. Click the DNSSEC link.

  3. This will display the Manage DNSSEC view.

    Note

    The Manage DNSSEC view will display a list of DS Records, if already added. Here, click the Add Records button to proceed.

    Provide information for the following fields and then click the Save button:

    • Key Tag: Contains the tag value of the DNSKEY Resource Record that validates this signature. An integer value in the range 0 to 65536.

    • Algorithm: The cryptographic algorithm that is used to generate the signature

    • Digest Type: The algorithm type used to construct the Digest. Applicable values are 1, 2 & 3 for .COM / .NET and 1 & 2 for other domain name extensions.

    • Digest: An alpha-numeric string generated by applying the Digest Type algorithm to a message. It needs to be a 40-character string for Digest Type value 1 and a 64-character string for Digest Type values 2 and 3.

Deleting a DS Record

  1. Login to your Control Panel, search for the domain name and proceed to the Order Information view. See details

  2. Click the DNSSEC link.

  3. Click the Delete link under the Action column, corresponding to the DS Record you wish to delete.

  4. Confirm the deletion by clicking the OK button.