HI,
We have 2 server 2012 that we are going to use them as NS1 and NS2 for some 100 domains that is accessble from internet and we want to use DNSSEC for some of these domains, If I understod the configuration I have to enable the DNSSEC for the zones that I want then share the c:\windows\system32\dns then import the DNS keys to the second name servers and then export the key for each zone and give this key to the domain registrar of the domain.
for example,
I have a primery zone on the ns1 that called mycompany.com, I have to enable the DNSSEC for this zone then export this key to the nss that host the secondry zone for mycompany.com then import the key for the secondery zone then give the same key to the ISP that register the mycompany.com domain is this correct?
or just enable the DNSSEC for the mycompany.com primery zone and then give this key to the domaion registrar, if so then what is going to be configure for the ns2?
Thanks
Shahin