Configuring a DNSSEC Zone

In this scenario, the zone companyabc.com will be encrypted. The zone is unsecured to start and contains several records, shown in Figure 10.18.

Image

Figure 10.18. Unsecured DNS zone.

The DNSSEC configuration and management is done using the DNS Manager utility. To sign a DNS zone, follow these steps:

1. Launch Server Manager from a Windows 2012 server with a full GUI.

2. Select the DNS section. The list of servers in the server pool with the DNS role installed will be shown.

3. Right-click the DNS server to configure and select DNS Manager.

4. Select the DNS server name to configure.

5. Select the Forward Lookup Zones node. ...

Get Windows Server® 2012 Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.