Directadmin offers support for DNSSEC. In order to config this you have to edit the zone file, twice. You first to to dns management, search for the domain and click the generate keys button. Then you have to go back and clik the sign button.
You can use the script /usr/local/directadmin/scripts/dnssec.sh but you have to run that twice, first to generate, second to sign. And then you still have to search for the keys in the ksk and vsk files. This script makes that less cumbersome.
#!/bin/bash SCRIPTPATH=/usr/local/directadmin/scripts ZONEPATH=/var/named if [ -z "$1" ] then echo "Usage: "$0" domain" exit fi DOMAIN=$1 $SCRIPTPATH/dnssec.sh keygen $DOMAIN $SCRIPTPATH/dnssec.sh sign $DOMAIN SEC256=`cat $ZONEPATH/$DOMAIN.zsk.key` SEC257=`cat $ZONEPATH/$DOMAIN.ksk.key` echo 'Flag 256 (ZSK)' echo 'Algorithm (RSA/SHA-256)' echo 'Key: ' $SEC256 echo 'Flag 257 (KSK)' echo 'Algorithm (RSA/SHA-256)' echo 'Key: ' $SEC257