DNS activation not working

What is the name of the domain?

What is the issue you’re encountering

DNSSEC it’s not enabled after 3 days

What steps have you taken to resolve the issue?

Contacted bluehost but they told me that my nameservers are managed by cloudflare so they can’t do anything.

What feature, service or problem is this related to?

DNSSEC

1 Like

DNSSEC has to be enabled for your domain at your registrar by copying the DS records given by Cloudflare to them, regardless of where your DNS is.

1 Like

Here’s some answers from the caht with BlueHost:

You said

This is what I found in the tutorials from cloudflare: 1. Activate DNSSEC in Cloudflare Log in to the Cloudflare dashboard :arrow_upper_right: and select your account and domain. Go to DNS > Settings. For DNSSEC, click Enable DNSSEC. In the dialog, you have access to several necessary values to help you create a DS record at your registrar. Once you close the dialog, you can access this information by clicking DS record on the DNSSEC card. 2. Add DS record to your registrar Add the DS record to your registrar. If Algorithm 13 - Cloudflare’s preferred cipher choice - is not listed by your registrar, it may also be called ECDSA Curve P-256 with SHA-256.

10:54 AM

Business said

Hmm, Okay, not sure about these data and steps. I suggest you to contact Cloudflare directly and check on it. I’m sorry…

10:55 AM

You said

You can find thoses infos by yourself here: DNSSEC | Cloudflare DNS docs

10:55 AM

Business said

Yes but I cannot help with this, because those needs to be followed on Cloudflares end

10:56 AM

You said

I’m don’t speak and read perfectly english but “Add DS record to your register” means that I have to put the infos from cloudflare to my bluehost account. It’s crazy

10:59 AM

You said

Do you supoort DNSSEC ?

11:00 AM

Business said

Actually that is wrong Sylvain. You can add DNS records to registrar only if the nameservers are with the registrar but your domain nameservers are with Cloudflare, so anything related to DNS needs to be done from Cloudflare not Bluehost

11:00 AM

Business said

Yes of course, every nameservers provider will support DNSSEC, but for your domain we are not nameservers so DNSSEC option is not with Bluehost.

11:01 AM

You said

Ok, so I will check with them, thanks

DS records are set at the registry by your registrar, not in your DNS, so it has to be done by the registrar. If Bluehost is your registrar, only they can do it.

Lots of people report having this problem with Bluehost, I think some have found Bluehost’s dashboard seems to only be able to change DS records when the nameservers are set to their own… The solution seems to be to find a support agent that knows what they are doing, or transfer your domain to another registrar.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.