By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

DS record with DNS name ex.com not permitted in zone ex.com. Why?

0

When I attempt to create a DS record to establish a chain of trust https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html?icmpid=docs_console_unmapped#dns-configuring-dnssec-chain-of-trust
I get an error that I can't understand. The DS key appears to be correct. I'm not sure why it won't let me create it.

My full error:

Error occurred
Bad request.
(InvalidChangeBatch 400: RRSet of type DS with DNS name example.com. is not permitted in zone example.com.)

Edited by: 333one on Mar 4, 2021 5:59 PM

Edited by: 333one on Mar 4, 2021 6:00 PM

Edited by: 333one on Mar 4, 2021 6:00 PM

Edited by: 333one on Mar 4, 2021 6:01 PM

Topics
Networking & Content Delivery
Tags
Amazon Route 53
Language
English
thr333one
asked 3 years ago1153 views
1 Answer
0

The DS record for example.com. goes in the com. zone. Your domain registrar will have somewhere to enter it.

If your domain registrar is Amazon, you'll have to use the domain management interface, not the DNS interface.

mnordhoff
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content