Use the DNSSEC Validation deployment option in combination with the DNSSEC Trust Anchors deployment option to configure manual DNSSEC validation.
The DNSSEC Validation deployment option with a value of True enables DNSSEC validation using the manually configured trust anchors set in the DNSSEC Trust Anchors deployment option. If there is no configured trust anchor, validation does not take place. This option can be set at the configuration, view, or server levels, and it should be set for any server to which signed zones are deployed.
To set the DNSSEC Validation deployment option:
- Select the Servers tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Configuration information page.
- Under Servers, click a server name. The Details tab for the server opens.
- Click the Deployment Options tab.
- Under Deployment Options, click New and select DNS Option.
- From the Option list, select DNSSEC Validation. The fields for the DNSSEC Validation option appear.
- Select the True option. If disabling DNSSEC validation, select the False option.
- Under Change Control, add comments, if required.
- Click Add.