DNSSEC: Let’s Go! (Hexonet Edition) Recently, I purchased several new domain names with .gd and .io extensions. While exploring Hexonet’s features, I noticed that they support DNSSEC (Domain Name System Security Extensions). However, I couldn’t find any option to enable it directly through their control panel. After some research, I finally figured out how to activate DNSSEC on Hexonet. Spoiler: It involves using their API. The Process To enable DNSSEC, you’ll need to manually send a command via Hexonet’s API. Here’s how you can do it: Access the Hexonet API Execution Page Open the API tools page at this URL: https://cp.hexonet.net/cp2/index.php/tools/apiaccess Input the API Command Use the following command format to enable DNSSEC for your domain: command = ModifyDomain domain = example.com secDNS-urgent = 1 secDNS-ds0 = [KEYTAG] [ALGORITHM] [DIGEST-TYPE] [DIGEST] Replace the placeholders with the specific DNSSEC values provided by your DNS provider (e.g., Cloudflare). A Quick Note on Digest Types The trickiest part of this setup is figuring out the correct Digest Type. If you’re using Cloudflare, they’ll provide a digest labeled SHA256. However, Hexonet’s system doesn’t directly list "SHA256" as an option. After checking the official documentation, I found that: SHA256 corresponds to 2 in Hexonet’s system. So, for the secDNS-ds0 parameter, make sure to use 2 as the Digest Type. Helpful Resources Here are a couple of resources that helped me understand the process: Hexonet’s DNSSEC Wiki