How to: Enable DNSsec on PowerDNS

Post Reply
User avatar
Daniel
Support
Posts: 207
Joined: 02 Aug 2013, 17:50

In order to enable DNSsec on your PowerDNS installation you are required to change the back-end database structure and the PowerDNS configuration file.

Database:
If you have installed PowerDNS 3.1 or higher you probably already have this tables. Else please import the following sql statement to your database. If you do not have the required tables SoluteDNS will warn you.

http://wiki.powerdns.com/trac/browser/t ... .mysql.sql

Please back-up your database before making changes!

Configuration file:
Locate your PowerDNS configuration file and add the following line to your back-end:

Code: Select all

gmysql-dnssec
Finishing:
Now restart your PowerDNS service to take changes in to effect.

You will probably notice your zones are no longer working. Please enter the following command in SSH to rectify all zones.

Code: Select all

pdnssec rectify-all-zones
Make sure you have a back-up of your database before running this command!

Now everything should work fine and you are ready to start using dnssec zones.
Post Reply