{"id":7082,"date":"2024-09-29T15:15:13","date_gmt":"2024-09-29T15:15:13","guid":{"rendered":"https:\/\/www.smarthost.au\/blog\/?p=7082"},"modified":"2024-12-12T15:21:21","modified_gmt":"2024-12-12T15:21:21","slug":"generating-dnssec-keys-in-cpanel","status":"publish","type":"post","link":"https:\/\/www.smarthost.au\/blog\/generating-dnssec-keys-in-cpanel","title":{"rendered":"Generating DNSSEC keys in cPanel"},"content":{"rendered":"\n<p>Having a domain delegated to our DNS servers, the keys can be generated in the cPanel hosting panel. The keys should be configured according to the parameters that are supported by the domain registrar.<\/p>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\"><strong>How to generate DNSSEC keys in cPanel?<\/strong><\/h2>\n\n\n\n<p>1. From the \u201cDomains\u201d tab, select the \u201cZone Editor\u201d option.<br><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"979\" height=\"253\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1.png\" alt=\"\" class=\"wp-image-7085\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1.png 979w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1-300x78.png 300w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1-768x198.png 768w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1-520x134.png 520w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/zone_editor-1-740x191.png 740w\" sizes=\"auto, (max-width: 979px) 100vw, 979px\" \/><\/figure><\/div>\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>2. Select the domain for which you want to generate DNSSEC keys. Then click on the \u201cDNSSEC\u201d option.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"825\" height=\"86\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec.png\" alt=\"\" class=\"wp-image-7086\" style=\"width:840px;height:auto\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec.png 825w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec-300x31.png 300w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec-768x80.png 768w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec-520x54.png 520w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec-740x77.png 740w\" sizes=\"auto, (max-width: 825px) 100vw, 825px\" \/><\/figure><\/div>\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><br>3. Next, to create a key, click on the option \u201cCreate Key\u201d.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"206\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1.png\" alt=\"\" class=\"wp-image-7087\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1.png 1024w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1-300x60.png 300w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1-768x155.png 768w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1-520x105.png 520w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec2-1024x206-1-740x149.png 740w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><br>4. In the next window you will see the default keys proposed by cPanel. To add them, select \u201cCreate\u201d. You can also create keys according to your own settings. To create your own keys, select \u201cCustomize\u201d.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"497\" height=\"298\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec3.png\" alt=\"\" class=\"wp-image-7088\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec3.png 497w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec3-300x180.png 300w\" sizes=\"auto, (max-width: 497px) 100vw, 497px\" \/><\/figure><\/div>\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><br>5. By selecting \u201cCustomize\u201d you can create a key according to our own settings:<\/p>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Key Setup<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Classic<\/strong>: Creates a <strong>ZSK<\/strong> (Zone Signing Key) and a <strong>KSK<\/strong> (Key Signing Key) keypair.<\/li>\n\n\n\n<li><strong>Simple<\/strong>: Creates a <strong>CSK<\/strong> (Combined Signing Key) which will be used as both the <strong>ZSK<\/strong> and <strong>KSK<\/strong>.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Algorithm:<\/strong><br>Selection of the algorithm that will be used to create the keys.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>RSA\/SHA-256 (Algorithm 8)<\/strong> \u2013 most commonly supported by domain registrars<\/li>\n\n\n\n<li><strong>RSA\/SHA-512 (Algorithm 10)<\/strong> \u2013 similar to RSA\/SHA-256, generates longer 512-bit hashes so it is more secure but less efficient than RSA\/SHA-256<\/li>\n\n\n\n<li><strong>ECDSA Curve P-256 with SHA-256 (Algorithm 13)<\/strong> \u2013 recommended by cPanel, provides high security with smaller key size compared to RSA<\/li>\n\n\n\n<li><strong>ECDSA Curve P-384 with SHA-384 (Algorithm 14)<\/strong> \u2013 higher security than ECDSA with P-256 with SHA-256. Less efficient than the 13 algorithm but still more efficient than RSA-based algorithms. Suitable for environments requiring very high levels of security.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Status:<\/strong><br>Allows to activate or deactivate the key.<\/p>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"652\" height=\"709\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec4.png\" alt=\"\" class=\"wp-image-7089\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec4.png 652w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec4-276x300.png 276w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec4-520x565.png 520w\" sizes=\"auto, (max-width: 652px) 100vw, 652px\" \/><\/figure><\/div>\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><br>6. Now that you have the keys created, you can add them in the DNS settings in the domain management panel (where the domain is registered). To get the necessary data, click in cPanel on \u201cView DS Records\u201d next to the generated key, and then fill in the data on the domain management panel side.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"222\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1.png\" alt=\"\" class=\"wp-image-7090\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1.png 1024w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1-300x65.png 300w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1-768x167.png 768w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1-520x113.png 520w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/dnssec5-1024x222-1-740x160.png 740w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>To download the public key that must be entered at the domain registrar, expand the line with the generated key by clicking the \u201c&gt;\u201d sign and then click \u201cPublic DNSKEY\u201d to display the key. The process is shown in the screenshot below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"349\" src=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-1024x349.png\" alt=\"\" class=\"wp-image-7168\" srcset=\"https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-1024x349.png 1024w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-300x102.png 300w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-768x261.png 768w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-520x177.png 520w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key-740x252.png 740w, https:\/\/www.smarthost.au\/blog\/wp-content\/uploads\/2024\/09\/public_key.png 1331w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-text-align-center\"><br>For domains registered with <a href=\"https:\/\/www.smarthost.au\/\">Smarthost.au<\/a> DNSSEC can be activated in the <a href=\"https:\/\/www.smarthost.au\/panel\/login\">customer area<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Having a domain delegated to our DNS servers, the keys can be generated in the cPanel hosting panel. The keys should be configured according to the parameters that are supported by the domain registrar. How<a class=\"read-more\" href=\"https:\/\/www.smarthost.au\/blog\/generating-dnssec-keys-in-cpanel\">Continue reading<\/a><\/p>\n","protected":false},"author":20,"featured_media":7083,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[437,432,19,1021,438,177,131,8],"tags":[318,308,1299,792,1300,109,1301,119,75],"class_list":["post-7082","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel-pl","category-dns-pl","category-domain","category-guides","category-hosting-pl","category-important","category-new-functionalities","category-security","tag-cpanel-hr","tag-dns-hr","tag-dns-reliability","tag-dns-zone-2","tag-dnssec","tag-domain","tag-edit-dns-zones","tag-guide","tag-security"],"_links":{"self":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/7082","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/comments?post=7082"}],"version-history":[{"count":5,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/7082\/revisions"}],"predecessor-version":[{"id":7169,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/7082\/revisions\/7169"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media\/7083"}],"wp:attachment":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media?parent=7082"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/categories?post=7082"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/tags?post=7082"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}