My domain manager INWX finally allows me to enter DNSKEYs via the GUI. That's why I tried it right now, but I noticed that DNS-UI does not display the data correctly (therefore the registration was refused).
pdnsutil show-zone example.de.
root@a6d5805beffc:/# pdnsutil show-zone example.de.
May 09 22:34:34 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
This zone is owned by admin
This is a Native zone
Metadata items:
API-RECTIFY 1
SOA-EDIT-API DEFAULT
Zone has NSEC semantics
keys:
ID = 32 (CSK), flags = 257, tag = 49233, algo = 13, bits = 256 Active ( ECDSAP256SHA256 )
CSK DNSKEY = example.de. IN DNSKEY 257 3 13 zAGHYzC6n2xFYayTKqAhCChHz3fKJ/IUmbLgSANofkxanae0cFkGNKUfh4Sy0Yl9/lPiNLJ3iMhuLMHfqbfUDg== ; ( ECDSAP256SHA256 )
DS = example.de. IN DS 49233 13 1 8d95529a01a5d4eea169c880d1b437013627dda0 ; ( SHA1 digest )
DS = example.de. IN DS 49233 13 2 3c40e11e249b83048264a2b27ce4f0901ee4b91b4e36da27922722cb8d2a4f8a ; ( SHA256 digest )
DS = example.de. IN DS 49233 13 4 a2f9071dca3f7e78a2a63284ac3096c84fa13c5f8f50d7a8f7786a5b6f5f366cb333f089bf0ce6e014f09a4d10390474 ; ( SHA-384 digest )
as you can see the IN is missing in dns-ui (example.de. IN ...), that was the reason why INWX didn't accept my DNSKEY from dns-ui, because it wasn't a correct RR.
It was also nice if the DS Key would be labeled with SHA1, SHA-256 and SHA-384.
My domain manager INWX finally allows me to enter DNSKEYs via the GUI. That's why I tried it right now, but I noticed that DNS-UI does not display the data correctly (therefore the registration was refused).
pdnsutil show-zone example.de.
dns-ui gui
as you can see the IN is missing in dns-ui (example.de. IN ...), that was the reason why INWX didn't accept my DNSKEY from dns-ui, because it wasn't a correct RR.
It was also nice if the DS Key would be labeled with SHA1, SHA-256 and SHA-384.