DNSSEC (Domain Name System Security Extensions) adds additional security to your domain names by adding digital signatures to their Domain Name System (DNS) information.
This means that when a user types an DNSSEC-enabled address, the response he receives, that is, the site to which he is redirected to, is verified for his authenticity.
To enable DNSSEC for any of TLD's supported in Papaki, you will need to enter specific DS (Delegation of Signing) records, which include DNS (Domain Name System) digital information. The information you need to enter to pass the appropriate registrations to your Domain Names can be obtained from your DNS provider if it supports DNSSEC.
1. Once you have the DNS service enabled, log in to Papaki's control panel, click on the desired domain and select Edit next to Nameservers.
2. In the new dialog box, click on Manage DNSSEC (DS Records).
3. Select Add New DS Registration. In the Key Tag, Algorithm and Digest or Public Key fields (it depends on your domain's TLD), fill in the information provided by your Hosting provider and click on Import.
Note: For security reasons, we would like to inform you that algorithms 3-7 versions is no longer be supported by our infrastructure since they use SHA-1 hashing and it is not secure. We use algorithms 8 & 13 versions.
2. Ensure that fields 1 and 2 are filled with your domain's nameservers and select Continue.
3. After doing all of the above, it will take up to 48 hours to update the service.
you can find the automated way of installing the DNSSEC.