For a long time, SHA-1 hash algorithms are considered non-secure. The bit-length is insufficient for the current computer power. In January 2020, researchers described an attack that has the potential for dangerous and far-reaching consequences in the DNS ecosystem.Continue reading “SHA-1 DNSSEC algorithms disabled”
By default, the PowerDNS api comes with it’s own built in web server and API endpoint, which listens on port 8081. This is not a problem if you use it on your internal trusted network, or if you just need to get something up quickly and don’t care about security. But if you want to access the API for example over the internet, it’s a good idea to use a more secure solution.
This blog post will detail how to wrap your PowerDNS webserver/API with SSL using the Nginx web server as a reverse proxy.Continue reading “Configuring SSL for PowerDNS api”
We are making great progress on a brand new application, build from the ground up. For easier deployment we changed architecture as well.Continue reading “Wanted! Beta testers”
Hi there, great news from DNSSEC Script: We have build a native Linux DNSSEC agent for direct communication with PowerDNS and the DNSSEC-Script.com backend.
Do you already have a PowerDNS cluster?
Install this DNSSEC Agent on your master server and it will do all the DNSSEC signing and key processing for you. Continue reading “Native Linux DNSSEC Agent”
Yesterdag on october 11th 2017 would have been the date for a key rollover. ICANN, the organisation who controls the root of the DNSSEC trust tree, however postponed this key rollover until further notice. This is because they see that about 5% of all resolvers still use the old key, and doing a rollover breaks DNS resolving. Continue reading “ICANN key rollover postponed”
Today we are going to install our first node of a PowerDNS cluster. This node is going to be the Master, this means this server will host the MySQL/MariaDB master and this server will do the DNSSEC signing. Continue reading “Install PowerDNS Cluster Part 1”
Welcome to our blog page, today this website is born, we are working on it.