I was enabling DNSSEC on a bunch of domains in Cloudflare, and I noticed that in every single case, the public key is the same. The fingerprint is not.
This doesn’t seem to cause a problem for enabling DNSSEC including pasting the public key into the registrar (Gandi, who then correctly computes the fingerprint).
However, I assumed that each website would have its own distinct key pair. Is this not the case, and it’s a single key for the entire Cloudflare account?
Just curious 