Hello, After some unsuccessful search on this forum, I have some question about DNSSEC in ISPConfig3: I took a look into the ISPConfig3 source code and I found renewal of the signed zone but no renewal of the ZSKS and KSK. Did I miss something? I read it is recommended to change them sometimes. For me it is a good thing it is not automated but I would like to be sure If I want to renew keys for a zone, how can I proceed? Because we have to keep old keys some days the time resolvers take new keys in account. Thanks.