Configuring DNSSEC DS at GoDaddy

I have registered a couple of domains with Godaddy. example.com works fine when adding DS records, but for example.camera Godaddy does not allow me to choose the correct algorithm (only 8, 13 and 14 available) which the box states I should use, which is 7.

My mailinabox version is 0.17c

Please advise!

This line will need to be modified:

So, if I add "camera" to the list the box will create a digest using the algorithm that is supported by Godaddy?
Am I right?

Thanks a lot!

… Or do I have to run the mailinabox script to make it work?

Running mailinabox is the fastest way to make sure it actually does it, yeah. (I think…)

It’s just that I’ve got a rather complicated setup with owncloud and its apps and the nginx configurations and I don’t want mailinabox to overwrite my changes. Is there a way to limit its capabilities, as such?

You are on your own then.

Ok, after some time, I got a new droplet running, everything’s clean and I’ve modified the file to include "camera". I ran mailinabox but when heading over to the status panel, the domain example.camera still shows algorithm 7! My other domains that I added, such as example.wtf work absolutely fine with DNSSEC, but not .camera. What am I doing wrong?

Try:

sudo tools/dns_update --force
1 Like

Thank you soo much!!! It updated!

One error left now on my status page - the ssh keys error still says that my box permits password-based login, after I created ssh keys and did a PermitPasswordLogin no in ssh_config and restarted it.

You need to search through your entire sshd_config–sometimes settings are in twice and the second one will override. Also, the setting you need to change to no is:
PasswordAuthentication no

You might also consider setting PermitRootLogin to “no” or “without-password”

1 Like

Hi…

I have the same problem with Godaddy, but for example.net.au domains.

Only able to select Algorithm 4 with Godaddy.

I did add the au to the file and it changed from 7 to 8,

Any idea about to makes this work ?

Cheers

If you’re still having problems, in the end, I found it’s much easier to manage the DNS using Cloudflare, as it’s faster (the main reason) and less messy. Be aware, though, that the status page will show errors regarding the DNS (that’s ok, because Cloudflare will handle it). And you can enable DNSSEC through it, as well. There are some threads on here regarding the service.

I am using the .group TLD – I have modified the line as stated.

I have the same issue - at GoDaddy when I select DNSSEC for this domain/TLD, the only Algorithms it offers are 8,13, and 14.

Mailinabox, though, offers 7 as the algorithm. Even after adding “group” to the above, and re-running mailinabox.

Do I have to make a change elsewhere?