No DS records found in "website" in the com zone

How do I resolve this issue. Thanks.
No DS records found in “website” in the com zone

You need to complete the DNSSEC setup at your registrar’s with the values provided by Cloudflare on the DNS page.

3 Likes

Hi , thanks for the help.I am not all that versed in this subject.My domain is registered with Tucows and hope that they can solve this problem.

Somewhere in their control panel you’ll find the DNSSEC configuration. There you’ll need to enter the values provided by Cloudflare or disable DNSSEC. If you disable it, you should disable it on Cloudflare too.

If you login to the cloudflare dashboard and select the DNS app for your domain, you’ll see a message indicating DNSSEC is pending while we wait for the DS to be added to your registrar. This usually takes ten minutes, but can take up to an hour., if you click DS Record to the right and below that message, you’ll see the values that you need to enter.

Good Morning,
Thank you for the information.I am sorry but my computer knowledge is limited.I have the DS Record but do not know what to do with it.Do I need to contact someone to do this or is there a way of doing this ?I do not know where to go to enter this information.
Regards.
Frank


2 Likes

Thank You.Do I have to transfer my domain to Cloudfare before I can do as you suggest?

No, that’s absolutely not transfer related. As I mentioned, you need to change this at your registrar’s. If it’s not clear how to change it, open a support ticket with them and they should be able to clarify that.

I reached out to my registrar and this is the response I received.Hi there Frank!

The DNSSEC settings are something that we simply do not support and there is no access to add these settings. As we discussed, there are cases where third party domains are transferred to us,with this enabled and we would need to remove it, this is as far as our scope of support for this feature goes.

You can have your domain hosted by a third party provider and simply point it to our business name. If this is something you would like to do, you would have to transfer your domain to a another provider in order to enable these settings.Let me know if you want to do so ,so that I can provide you access to do so.

As mentioned before, you should disable DNSSEC on Cloudflare in this case.

Please be patient with me.
The reason that I am asking all these questions, in regard to DNSSEC,is that my Google business advertising account has been suspended. It is a Google business requirement that the DNSSEC be verified.How is disabling it going to help in this situation?Respectfully, Frank

For starters, it would surprise me if Google had such a requirement.

But even if they do, your registrar does not support it, so you have no other choice, except for transferring to a registrar which supports it.

I am just as surprised as you.
Thank You for all the help.Much appreciated

I’d clarify with Google if that really is their requirement and if it is, you can only transfer the domain. Though it would also surprise me if Tucows did not support it, as DNSSEC is mandatory for .com registrars.

Good point about Tucows.This experiance is mind boggling for me.
This is the notice in regard to DNSSEC/Domains that I received from Google:

11) DNSSEC

Your DNSSEC is unverified and recommend you verify it. To learn more: DNSSEC – What Is It and Why Is It Important? - ICANN
If your current provided does not allow you to set this up. Consider using Cloudflare.

More info: DNSSEC Protection | Provision and manage DNSSEC with Cloudflare | Cloudflare UK

Test: DNSSEC Analyzer - hopefordstreams.com

12) Domain Expiry Date

Your domain expires in 2021. I recommend increasing the trust factor is to extend this to the current maximum length, which is 10 years. Get in touch with your domain registrar for information on how to do this.

If your current provider does not allow you to set this up. Consider using Cloudflare.

More info: Cloudflare Registrar | New Domain Registration | Cloudflare UK

That reads like a recommendation, not a requirement.

And yes, having DNSSEC is not a bad idea, but it’s not a must either. You really best clarify this once more with your registrar I am afraid.

Thank You

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.