How do I get Cloudflare to release DNSSEC on a domain already transferred out?

What is the name of the domain?

memoriascolitur.com

What is the error number?

n/a

What is the error message?

n/a

What is the issue you’re encountering

DNS will no longer work for the domain since DNSSEC was not fully released before transferred it to Route 53.

What steps have you taken to resolve the issue?

Unclear as to what steps I can take. I think I need to have someone at Cloudflare review the old zone file and purge it from the system.

What feature, service or problem is this related to?

DNSSEC

What are the steps to reproduce the issue?

Since the domain’s SOA is now Route 53, if you perform a DiG query on the domain, no A/AAAA/TXT/NS/SOA etc records show up.

Screenshot of the error

Only the current registrar can modify DNSSEC, since those records are in the TLD registry.

But when I check DNSSEC, I’m not seeing any definite signs of DS records for that domain.

https://dnsviz.net/d/memoriascolitur.com/dnssec/

1 Like

The Registrar is Amazon, but the nameservers for that domain are currently pointing at Namecheap, not Route53.

2 Likes

Where are you seeing that? I checked on mxtoolbox, whatsmydsn, and DiG, all of which fail to show any NS records.

Would it help if I set a DS record through Route 53? I currently don’t have that set up, but I can easily do that. I was afraid to do that only because I didn’t want to screw things up further.

You’re going to have to work with Amazon to get this all cleaned up. Everything is currently handled through them. Cloudflare no longer has anything to do with that domain.

1 Like