Where I can find the DNSSEC values at Google Cloud DNS?

Question

I am looking for the DNSSEC values (Key tag, Algorithm, Digest Type, and Digest) in Google Cloud DNS so that I can create a DS record for my domain in Google Domains.

Answer 1

I assume that you're following Google Domains documentation Set up DNSSEC security and want to configure Google Cloud DNS as your custom name servers.

At first, follow the instruction Managing DNSSEC Configuration to enable DNSSEC. Then, follow the documentation DNSSEC and registrars and activate DNSSEC at registrar side (Google Domains in your case).

After enabling DNSSEC for your zone, you must activate DNSSEC at your registrar. You do this by creating a DS record for your domain in the parent zone, so that resolvers know your domain is DNSSEC-enabled and can validate its data.

You can find required values at REGISTRAR SETUP menu in the top right corner:

which shows you:

In addition, have a look at the community tutorial Activating DNSSEC for Cloud DNS domains:

This tutorial is for DNS domain administrators using Google Cloud DNS who have enabled DNSSEC on the managed zones for their domains. It shows how to activate DNSSEC validation for those domains by adding DS records through their domain registrars. The specifics depend on the domain registrar, and this does not give detailed instructions for all domain registrars. It does have basic instructions and links for the most popular registrars and many others that support DNSSEC.

This tutorial also has instructions for de-activating DNSSEC by removing DS records. This is an essential step you must perform before disabling DNSSEC for Google Cloud DNS.

Answer 2

Using Google Cloud Platform, you can check these settings on Network Service > Cloud DNS > Click your zone or create a new one with DNSSEC turned On > Click Registrar Setup > Click MORE DNSSEC SETTINGS.

For more information about the topic, you can check this official GCP Documentation. [DNSSEC] 1