It is of course also possible to have DNSSEC on your foreign domains with polar55.
Note: .eu domains require a different procedure. See further down.
The first thing you need to do is log into your cPanel and then go to DNS.
Next to the domain you want to add DNSSEC to, click on "DNSSEC".
After that, you will enter your DNSSEC overview, where you just need to click "Create Key" and then "Create" without changing any settings.
After that, your key is created, and once it's created you can click on "View DS Records" as shown below:
This will take you to an area with a number of values that you need to enter in your domain in the Polar55 control panel.
The information you need is marked with an arrow and looks like this:
Enter the marked information here:
- Go to domain overview
- Click on the domain you want to add DNSSEC to
Then you get a menu item on the left called "DNSSEC". Click on it:
Inside, fill in the values from the image above in the first rows under "DS records".
Insert one record at a time, and each time you save a new row will appear, where you can insert. Insert "Digest types" 2 and 4, as shown below (example values - replace with the correct values).
Once you save the last record, it will take a few hours, and then DNSSEC should be activated on your domain.
You can test if it works here: TEST DNSSEC
Especially for .eu domains
For .eu domains, you need to use KEY records instead of DS records in your control panel. First, you need to find the right values. Follow the guide above if you're unsure where the keys are created, as it's the same for both methods.
Start by creating your keys, and make sure to choose algorithm 8. This should be selected by default.
Choose whether you want to use KSK or ZSK. Copy the value of "Public DNSKEY" from the chosen one (you unfold it by clicking on the small blue arrow to the left).
Now go to the domain overview in your control panel and click on the domain you want to add DNSSEC to. Then you get a menu item on the left called "DNSSEC". Click on it:
First, you need to fill in the "Flags" field. The value is either 256 or 257 depending on whether you are using ZSK (257) or KSK (256) key types.
"Protocol" should always be set to 3.
"Algorithm" is set to 8.
"Public Key" you copied in a previous step from cPanel.
In our example, we have chosen the KSK type and therefore enter 256 in the "Flags" field. Protocol should always be 3 and the algorithm set to 8. Finally, we have copied the value of the "Public key" in, which we found in cPanel (example value - replace with correct value). Wait an hour and then check if DNSSEC is active on the domain.
You can test if it works here: TEST DNSSEC