Error 9223


Got this issue where im trying to add a DNSKEY to my domain managed by Cloudflare.

DS Record setup and working can verify with DNS checker and seems okay.

ive got the domain registrar public DNSKEY id and public KEY

when i try and add this to my domain it giver the following error

Adding %s records requires multi-provider DNSSEC to be enabled on the zone, see (Code: 9223)

im trying to reverse delegate my dedicated blocks of ip’s and the require the DNSKEY to be present on the NS server where i have added my PTR records.

not sure if im making any sense but please help

thank you

Hi ricco1,

It’s not entirely clear to me what you are trying to do. But in general we generate the DNSKEY record and supply you with a DS record that you should add at the parent (usually via your registrar, but maybe not in your case).

As we’ll need to sign your records we will need to know the private key. Adding a public key from the parent to us is not something that will work (as we’ll not have the corresponding private key to actually generate RRSIGs).

There is something called multi-provider DNSSEC but I don’t think that applies for your use case. (With multi-provider DNSSEC we would allow you adding a public key, but we wouldn’t sign any records with the corresponding private key).

Be sure to post any additional details that could help us in assisting you!

Best regards,


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.