Admin partition support for DNSSEC

In a partitioned NetScaler appliance, the DNS keys that are generated are stored in the following locations:

  • Default partition: /nsconfig/dns/
  • Non-default partition: /nsconfig/partitions/<partitionname>/dns/

You can now add a password to the DNS key. To add a password to the DNS key, you must first add the password in the create dns key  command and then provide the same password in the add dns key  command when adding the DNS key to the NetScaler appliance. For example:

create dns key -zoneName com -keytype ksK -algorithm rsASHA1 -keysize 4096 - fileNamePrefix com.ksk.rsasha1.4096 -password 1jsfd3Wa

add dns key com.zsk.4096 /nsconfig/dns/com.zsk.rsasha1.4096.private -password 1jsfd3Wa

Note:

  • For default partitioned environment, the keys are read from default location/nsconfig/dns/. However, if the keys are stored in a different location, the path name has to be provided in the add dns key –private  command. Example, add dns key –private <path name>.
  • For non-default partitioned environment, the keys are read from the default location/nsconfig/partitions/<partitionname>/dns/.

Admin partition support for DNSSEC

In this article