This is what I found in the tutorials from cloudflare: 1. Activate DNSSEC in Cloudflare Log in to the Cloudflare dashboard and select your account and domain. Go to DNS > Settings. For DNSSEC, click Enable DNSSEC. In the dialog, you have access to several necessary values to help you create a DS record at your registrar. Once you close the dialog, you can access this information by clicking DS record on the DNSSEC card. 2. Add DS record to your registrar Add the DS record to your registrar. If Algorithm 13 - Cloudflare’s preferred cipher choice - is not listed by your registrar, it may also be called ECDSA Curve P-256 with SHA-256.
10:54 AM
Business said
Hmm, Okay, not sure about these data and steps. I suggest you to contact Cloudflare directly and check on it. I’m sorry…
Yes but I cannot help with this, because those needs to be followed on Cloudflares end
10:56 AM
You said
I’m don’t speak and read perfectly english but “Add DS record to your register” means that I have to put the infos from cloudflare to my bluehost account. It’s crazy
10:59 AM
You said
Do you supoort DNSSEC ?
11:00 AM
Business said
Actually that is wrong Sylvain. You can add DNS records to registrar only if the nameservers are with the registrar but your domain nameservers are with Cloudflare, so anything related to DNS needs to be done from Cloudflare not Bluehost
11:00 AM
Business said
Yes of course, every nameservers provider will support DNSSEC, but for your domain we are not nameservers so DNSSEC option is not with Bluehost.
DS records are set at the registry by your registrar, not in your DNS, so it has to be done by the registrar. If Bluehost is your registrar, only they can do it.
Lots of people report having this problem with Bluehost, I think some have found Bluehost’s dashboard seems to only be able to change DS records when the nameservers are set to their own… The solution seems to be to find a support agent that knows what they are doing, or transfer your domain to another registrar.