Will I be able to use DNSSEC? My DNS records are currently on route53 with AWS

lane.c.wagner · September 17, 2018, 1:02pm

I want to secure my DNS using DNSSEC. I want to secure my domain (ogdolo.com) where my react app is served from an s3 bucket over cloudfront. I also want to secure my subdomain (opencap.ogdolo.com) which is the endpoint for my aws lambda functions. And finally I want to secure a SRV record hosted by route53 (_opencap._tcp.ogdolo.com)

Currently I am on route53 like I said, but I will migrate to wherever I need to fix these problems. At first I thought I could do it through Cloudflare but I’m not sure…

martin2 · September 17, 2018, 6:09pm

Yes, you can leave your domain with Amazon Route 53 being your registrar and point the nameservers to Cloudflare for DNS.

Both support DNSSEC, so that should work just fine.

Make sure you update the nameservers first, wait till it is propagated - and only then configure DNSSEC.

lane.c.wagner · September 19, 2018, 2:40am

This worked except for that the SRV record is supposed to point to opencap.ogdolo.com, but when I query it it returns dc-0fe891bdb83f.ogdolo.com (this happened after I configured DNSSEC) The google API says that DNSSEC is working… idk why it seems to be encrypting the subdomain though!

system · October 19, 2018, 2:40am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.