Closed wiz closed 3 years ago
To configure DNSSEC, you first enable it in the Cloudflare dashboard and then add a DS record at your domain registrar.
I'll do this for all the domains above that are managed under Cloudflare DNS. I'll then assign @ManfredKarrer to take care of the domain registrar part, as he plays the role of Domain Name Owner (bisq-network/roles#77) and is now the only one with access to make such changes.
I have enabled DNSSEC on the bisq.services domain.
Attn @ManfredKarrer: I have just enabled DNSSEC for the bisq.network domain via Cloudflare DNS. You now need to follow the instructions at https://www.namecheap.com/support/knowledgebase/article.aspx/9722/2232/managing-dnssec-for-domains-pointed-to-custom-dns to register the values below with Namecheap. A screenshot from the Cloudflare interface follows, with each of the individual values pasted below.
bisq.network. 3600 IN DS 2371 13 2 29A0443DC8173F7C3A57E58645C0E10FDD0E4B757CDB276020D9AFCBE79F52CD
29A0443DC8173F7C3A57E58645C0E10FDD0E4B757CDB276020D9AFCBE79F52CD
SHA256
13
mdsswUyr3DPW132mOi8V9xESWE8jTo0dxCjjnopKl+GqJxpVXckHAeF+KkxLbxILfDLUT0rAK9iUzy1L53eKGQ==
2371
257 (KSK)
Done.
@ManfredKarrer looks great, just verified it. thank you!
Also done now for bisq.io.
bisq.community has dnssec enabled now. Sorry for the delay, had to change the domain provider.
emzy.de has dnssec now.
Since the last 3 explorers are the ones that don't have DNSSEC, closing per https://github.com/bisq-network/bisq/pull/4791
Finally enabled dnssec for sqrrm.net, thanks for the reminder.
Okay cool... Well, I checked your checkbox, but your legacy BSQ explorer is still retired :)
Yeah, I think I will stop running an explorer. I don't think we need that many and getting mempool up and running, and then keeping it stable, is better left for those of you with more ops experience.
I'll keep running the bitcoin nodes.