Using dnssec with cloudflare as my registrar but with my own DNS servers

reading the documentation, it is not clear to me if this is feasible.

I gather that if I want to use the “managed” cloudflare dnssec, I need to use cloudflare as my authoritative nameserver.

if not, the documentation says I need to add a DS record to my registrar… which is cloudflare.
there is a step for every registrar but not for cloudflare itself…

please enlight me!

I added my dns record type : DS sha256 (dset)… but from what I understand, it is cloudflare as a registrar that should send it to the tdl zone above (.net in my case)

It is probably fine and I am being impatient, I believe by activating the managed option (as a trial error), cloudflare must have created other dnssec records that stayed in the global dns cache…

aaarrrggg cannot use my own dns servers, the horror!

this is not a typical registrar!!! it is a “forced” managed dns service… I was coming from aws/route53 (which was my registrar) it was also managed… but you still had the option to only use the domain service and redirect to the nameserver of your choice… for less than 200$/month!!!

I should have read the terms and conditions better… seems like this one is on me.

1 Like

Cloudflare is a bit odd here. Even on the Business plan you can’t change the nameservers to point elsewhere, rather, you can have a custom name for your nameservers hosted at Cloudflare.

more like dns branding?

Pretty much. is an example, take a look at the dig output.

I see… thanks for your reply… I’ll wait my 60 days and will see my next move…

1 Like

Unfortunately that’s all you can do. Or just stick with it and see if you can get things going to your satisfaction.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.