Hello, DNSSEC running well for me in 3.1, but I have one question to the implementation. Always when I want to enable DNSSEC on my domain I have to first register KEYSET at my domain registrar, with key-signing key generated for my DNS zone, and than refer it at my domain configuration. Is there some possibility to have only "master" KEYSET for all domains hosted on my DNS server, that I could always refer? E.g. as NSSET .... Thanks Tom
It's not supported in ISPConfig. I believe technically you could make that work, though it seems there are easy arguments against it for most cases. A better solution would be to integrate ISPConfig DNS changes with an api at your registrar; I believe opensrs supports that, and I'd imagine a few others would as well.