Route 53 - DNSSEC - .IT ccTLD

0

Hi folks!

We have the majority of our domains registered in Route 53 along with corresponding hosted zones. All are enabled for DNSSEC and work fine. We have one .it domain that AWS lists as 'Not supported' for DNSSEC, however I do not believe this to be true.

If I check https://dnssec-analyzer.verisignlabs.com/ then the .IT root zone is shown as having the correct DS and DNSKEY records so does appear to be fully supported. Map data from https://www.internetsociety.org/deploy360/dnssec/maps/ also agrees.

Has anyone had any experience with getting .IT domain enabled for DNSSEC on Route 53? I have been able to create the DNSKEY records using Route 53 without issue but cannot complete the deployment due to the 'Not supported' blocker. I can raise a ticket to support but wanted to check here first.

asked 8 months ago209 views
1 Answer
0

You should open a ticket with support for this. They are the only ones who will be able to give you a definitive answer.

AWS
EXPERT
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions