cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Helper II

dnssec digest type 4 support

Hi!

I have a VPS I rent from Linode and I have the domain name registered with GoDaddy.   I also purchase a cPanel license (annually) and have cPanel / WHM installed.   I'm running cPanel version 64.0.36.   In cPanel >> DOMAINS >> Zone Editor >> DNSSEC, I see for Digest Type:

1  SHA-1
2  SHA-256
4  SHA-384

However, when I log into GoDaddy and go to my domain and try setting up the DNSSEC record, for Digest Type, I only have the options for 1 and 2, not 4.   Does GoDaddy not support type 4 and if not, is there any chance to get GoDaddy to implement this?

Thanks!

3 REPLIES 3
Helper VI
Helper VI

Re: dnssec digest type 4 support

@SporkSchivago take a look at the DNSSEC FAQ.

 

Hope it helps!

If you find my replies helpful, give me a like or kudo 🙂
And if I solved your issue, mark it as solution 😄
Helper II

Re: dnssec digest type 4 support

@jpablo,

Thank you for the response.   That FAQ doesn't seem to answer my question though.   I see where it talks about the algorithms that DNSSEC supports and how the registrar determines what algorithms they support.

It doesn't seem to mention anything about digest types.   Maybe my question wasn't 100% clear.   Sorry about that.

I currently have DNSSEC properly configured.   It works.   I have PowerDNS installed on my VPS.   I have it configured in narrow mode so it sends out "white lies" and prevents zone walking.  For the algorithm, I'm using type 8 (RSA/SHA-256):
https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml

GoDaddy supports type 8, even though it doesn't seem to list it in the FAQ you pointed me to, because I have successfully configured it on GoDaddy (the registrar) to use type 8.   For the digest type though, I want to use type 4.   I believe type 1 and 2 are mandatory, but type 4 is optional (source: https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml ).

Is there any way to configure it, on the GoDaddy end, to support digest type 4?   If not, does GoDaddy plan on implementing it any time soon.

Thank you and I apologize if I wasn't clear with my question or if I misunderstood something in that FAQ you pointed me to.

Re: dnssec digest type 4 support

I am having the same issue. Cloudflare is giving me SHA-256 but I can't add it to GoDaddy =/