Applying a DNSSEC signing policy to a forward zone - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Product name
BlueCat Integrity

Link a created signing policy to a DNS forward zone.

To apply a DNSSEC signing policy to a DNS forward zone:

  1. From the configuration drop-down menu, select a configuration.
  2. Select the DNS tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Configuration information page.
  3. Under DNS Views, click the name of a DNS view. The Top Level Domains section opens.
  4. Under Top Level Domains, click the name of a top level domain. The Sub Zones section opens.
  5. Click the DNSSEC tab. The Zone Signing, Zone Signing Keys, and Key Signing Keys sections appear.
  6. Under Zone Signing, click Configure Zone Signing.
  7. Select the Signed check box.
  8. From the Signing Policy drop-down menu, select a DNSSEC signing policy.
  9. Click Update.
  10. Configure DNSSEC deployment options if needed prior to deploying DNS service. For details, refer to Configuring a DNSSEC validating server.
  11. Deploy DNS service with your DNSSEC signing policy.