Tag Archives: SIGNZONE

Configuring DNSSEC on EL6 and bind 9

It looks like there isn’t much in the way of documentation to step people through enabling DNSSEC on their Scientific Linux 6 / CentOS 6 / RHEL6 servers – so as I normally do, I’ve decided to write a quick howto based on MANY searches and trial and error.

1) Firstly, we need to enable dnssec in /etc/named.conf. This will enable the DNSSEC feature set in bind. Check you have the following, or add it if it doesn’t exist:
options {
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
}