Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What are the steps required to roll my domains public KSK using a double-signing rollover procedure?

domain ksk procedure public roll rollover steps
0
Posted

What are the steps required to roll my domains public KSK using a double-signing rollover procedure?

0 CommentsAdd a Comment

1 Answer

0

• Generate a new KSK • Include this key in your zone file and double sign file with old and new KSKs • If you are using the .gov Registar Monitor service, wait up to 24 hours for an email notification that new KSK was found and a DS RR was added to the .gov TLD. If you are not using our monitor, upload the new KSK keyset to the www.dotgov.gov website to create a DS RR on the TLD. • Continue double signed for up to 2*TTL + 1 Day while DNS propagates. • Remove old KSK from zone file and single sign only with new KSK.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123