You can perform an emergency key rollover at the DNS zone or reverse zone level, or for one or both DNSSEC keys.
After performing an emergency key rollover, you must deploy the configuration to re-sign the zone on your servers.
All Keys
Performing the rollover at the zone or reverse zone level affects all keys in the zone.
To perform an emergency rollover for all keys in a zone:
- Select the DNS tab or IPAM tab in the sidebar and navigate to the DNS zone or reverse zone.
- Select the DNSSEC tab.
- Select .
- Review the object IDs of the keys for the rollover.
- In the Change control section, add comments if required.
- Select Confirm.