DNS/DHCP Management Console

Creating a DNS Key

DNS server supports secure updates and secure queries by using TSIG-key mechanism.

The DNS Key Management role consists of tasks that allow you to create, modify, and delete DNS Key objects.
DNS Key provides a means of authentication for dynamic DNS updates and for secured queries to a DNS Server. DNS Key uses shared secret keys as a cryptographically secure means of authenticating a DNS update/query.

To create a DNS Key:

  1. Specify a name to identify the DNS key. The DNS key is associated with zone and server objects using the key id.
  2. Specify the name of the algorithm. Key algorithm is the hashing algorithm used to hash the DNS data.
  3. Specify the Secret Key used by the DNS server to encrypt/decrypt the hashed data. In the below example, Secret-456errt4545= is the Secret Key generated by dnssec-keygen.
    The Secret key provided must be base64 encoded, else the DNS server fails to start.
  4. Specify or browse to select the NDS context.
  5. Click Create. The DNS Key is created in the specified context.
    Example: DNS KeyName-Key1,Algorithm-HMAC-MD5,Key Secret-456errt4545=

Note: DNS Key option is supported for Linux DNS only.


Help Topics

For information on copyright, see Legal Notices.