Screwed up Hosted Zone (DNSSEC?)

0

I have a Hosted Zone that I am unable to resolve to. I think I badly hosed the DNSSEC setup but I don't know how to recover it. I deleted the DNSSEC key from the domain record, and now I am trying to deactivate the KSK so that I can delete it and then disable DNSSEC. When I try to deactivate the KSK I get the following:

Bad request. (KeySigningKeyInParentDSRecord 400: Due to DNS lookup failure, we cannot determine if deactivating Key Signing Key with name:'KSKNAME' will break the authentication chain. Please retry later.)

Any thoughts on how to fix this?

  • I think part of the problem is that I have a KSK that is also being used by another Hosted Zone (that was a mistake as I was entering the KSK). Is there a way to BYPASS the validations and simply deactivate or delete this KSK?

  • AWS has a new Route53 console, and some options are missing compared to the old one.

    If you "Switch to old console" at the bottom left, while it is still available, there is a link "Manage keys" under "DNSSEC status" for your registered domain - the documentation was not updated for the new console.

    I also added a DS record with KSK and other details as shown in "View information to create DS record". I was able to recover mine by removing DS records created by the previous registrar. That allowed the KSK record to be resolved, and everything fell into place.

    Troubleshooting tools I used: https://dnsviz.net https://dnssec-analyzer.verisignlabs.com

MG
asked 5 months ago · 67 views
No answers
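
The comment above resolved the outage by removing DS records left at the parent by the previous registrar. The following is an added example, not part of the original post: it computes the key tag and DS digest for each DNSKEY in the zone (RFC 4034) and flags parent DS records that match no key. The zone name and key bytes are constructed sample data.

```python
import hashlib
import struct

DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}  # DS digest types

def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA in wire format: flags | protocol | algorithm | public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def key_tag(rdata):
    """Key tag as defined in RFC 4034, Appendix B."""
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def wire_name(name):
    """Canonical (lowercase) wire-format owner name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def make_ds(zone, rdata, digest_type=2):
    """DS tuple (key tag, algorithm, digest type, hex digest) for a DNSKEY."""
    digest = DIGESTS[digest_type](wire_name(zone) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], digest_type, digest)

def classify_ds(zone, parent_ds, dnskeys):
    """Split the parent's DS records into those matching a zone DNSKEY and stale ones."""
    matching, stale = [], []
    for ds in parent_ds:
        tag, alg, dtype, digest = ds
        ok = dtype in DIGESTS and any(
            make_ds(zone, k, dtype) == (tag, alg, dtype, digest.upper()) for k in dnskeys)
        (matching if ok else stale).append(ds)
    return matching, stale

# Constructed sample data: not real keys, and the zone name is a placeholder.
ZONE = "example.com."
CURRENT_KSK = dnskey_rdata(257, 3, 13, bytes(range(64)))       # KSK now in the hosted zone
OLD_KSK = dnskey_rdata(257, 3, 13, bytes(range(64, 128)))      # key from the previous provider
PARENT_DS = [make_ds(ZONE, OLD_KSK), make_ds(ZONE, CURRENT_KSK)]  # DS set at the parent

if __name__ == "__main__":
    good, stale = classify_ds(ZONE, PARENT_DS, [CURRENT_KSK])
    for ds in good:
        print("matches zone KSK:", ds)
    for ds in stale:
        print("stale, no matching DNSKEY in zone:", ds)
```

With real data, the DS tuples come from the parent zone's DS answer and the DNSKEY RDATA from the zone's own DNSKEY answer, with the public key base64-decoded before it is passed to `dnskey_rdata`.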
