This documentation is the development version for the upcoming release.

Only changes which apply to the next release should be made here. Corrections may need to be made here and in any already published documentation versions.

The documentation for the latest release is available at the current documentation home.

Skip to end of metadata
Go to start of metadata



The OpenDNSSEC documentation gives information on how to install, configure, and run OpenDNSSEC. There might still remain some questions, so we try to reflect them in our a growing list of frequently asked questions.

Remember that you also need an HSM, which uses the PKCS#11 interface. We do provide the SoftHSM, a software-only implementation of an HSM. Read the HSM Buyer’s Guide for more information and consult the list of HSM vendors.

This documentation is for the 2.0 release of OpenDNSSEC


The goal of OpenDNSSEC is to have a complete DNSSEC zone signing system which maintains stability and security of signed domains. DNSSEC adds many cryptographic concerns to DNS; OpenDNSSEC automates those to allow current DNS administrators to adopt DNSSEC. This document provides DNS administrators with the necessary information to get the system up and running with a basic configuration.




A PDF version is available on our Downloads page, along with instructions on how to export selected pages.

  • No labels