New to Cloudflare. Tried to Add DS to Godaddy registrar for a domain but there is not an Algo 13 What to do?
1 Like
I donât see much documentation about DNSSEC at GoDaddy. Youâd have to contact their Support desk for assistance in getting Algorithm 13 configured.
Nope Godaddy says itâs on Cloudflareâs end being that the NS is pointing to them now
DNSSEC still needs to be configured at the registrar. That responsibility is not transferred to Cloudflare with a change of nameservers. You could do that, use Cloudflare as domain registrar, but I canât believe Godaddy doesnât support it⌠maybe, but more likely you got a defective customer support agent.
1 Like
Nope, the chat jockey said itâs on Cloudflare to enter the DS record since the NS has been pointed to CF thereâs no access to the DNS because they are with Cloudflare However 35 bucks for the premium DNS service was an optionâŚ
May I suggest another registrar?
Godaddy is a pretty bad company in the first place.
Thank you. I have already thought about it but when I talked to my client about adding a CDN I assured her that it wasnât a problem. The main issue Iâm having is that the site is giving cacheing errors when testing it.
I put in a ticket but Iâm not getting a response from support. So after searching to resolve the cache problem is when I discovered about having the DS record confirmedâŚI mean this was supposed to be easyâŚNot a great first impression in my opinionâŚbut the again I never set up a CDN this way eitherâŚ
Thatâs patently absurd. Why in the world would you have circular DNSSEC? DNSSEC is the authenticated link between the Domain Registry (tied into by your registrar) and the DNS host (Cloudflare, in this case).
1 Like
Donât know Just repeating what I was told and without paying the 35 bucks for the âpremium DNSâ and whether a âthird partyâ is acceptable was another point I didnt understand.
I have had a nightmare with these people from day one so much that I could write a block buster.
1 Like
At this point, Iâm thinking youâre better off not attempting DNSSEC. Itâs not going to break anything, except put a small tear in your security blanket.
Hereâs a thread from last year. Is their picture what you see at GoDaddy? What are the Algo choices? I donât see any posts here saying it doesnât work.
Iâm unable to get to the english version because it auto-redirects me (even their website doesnât work), but I hope it will do the same for you. In GoDaddyâs docs they literally say the opposite of what the agent said.
Itâs extremely possible they donât support algorithm 13 because they simply donât care.
Here is a Google Translate version from their docs (Che cosâè il protocollo DNSSEC? | Domini - GoDaddy Aiuto IT).
To enable DNSSEC, the zone must be digitally signed by your DNS server. When signing, you create a signing delegation record. Each DS record contains information used by the registry to authenticate using DNSSEC. You can use the DS record and the information it contains to enable DNSSEC for your zone.
Once you have received the DS record information from your DNS provider, you can add a new DS record in your GoDaddy account.
Some info on how to add the DS record to GoDaddy (Aggiungi un record DS | Domini - GoDaddy Aiuto IT).
1 Like
Maybe this is it:
It is, but it still redirects me to the italian version. What if I speak english and Iâm living in Italy? I even have my computer language in English. That is web design 101. You donât select a language based on the IP (unless content is geo-retricted, but even thenâŚ).
UmmmâŚyou DO speak English and live in Italy. 
GoDaddy knows best.
1 Like
I do speak Italian better 
but yeah⌠you got the point.
1 Like
They just dont support it because itâs not there
This is what I get when testing the cache
I know how and where to add the record and the option is even available but there just is no algo 13 it runs on all even numbers (screenshot above)
Then the point of this post is null, either you change registrar or you donât enable DNSSEC.
1 Like
The whole reason I switched to CF is because of the security for my clients online store and for optimizing reasons. If i would have known this I would not have pointed the name servers here.
Then change nameservers, itâs that easy.
1 Like