DNSSEC Digest too long for Namecheap?

I successfully changed my DNS nameservers at Namecheap to the Cloudflare DNS settings (Erin & Yew).
Next I tried to enable DNSSEC on Namecheap, and copy/pasted the Keytag and Digest from the DNS Management for my Cloudflare account of the domain. But Namecheap returns this error: “For current Digest length should be 40 current length is 64”
What now? Should I just ignore DNSSEC? (It was the main reason I redirected DNS to CF; my sites are all hosted at Siteground but reading the forums here made me think I should use CF DNS, as SG-originating CF sites are not eligible for DNSSEC at CF. Now I’m wondering if I should have left everything at SG & used their CF tool?)
I’d be grateful for any insight. I’ve read a lot but still feel like a novice. :stuck_out_tongue:

PS my website, if it matters, is www.smarterjoy.com

That makes me think Namecheap is using a Digest Type of 1 (SHA-1) instead of Type 2 (SHA-256). It looks like you select between the two at Namecheap.


1 Like

Yes, you got it exactly right! I did not notice the toggle fields for Algorithm & Digest in the Namecheap tutorial, but that’s what I was missing.

The relevant choices to toggle at Namecheap for Cloudflare are:

Algorithm: 13 ECDSA/SHA-256
Digest Type: 2 SHA-256

The other fields are supplied by Cloudflare, just as shown in the Namecheap tutorial at https://www.namecheap.com/support/knowledgebase/article.aspx/9722/2232/managing-dnssec-for-domains-pointed-to-custom-dns

Thanks very much!