Model:
I have my domain registered in provider subreg.cz and he have ability of DNSSEC. I am pointing domain to AWS Route 53 with AWS nameservers. Trying setup DNSSEC on DNS records. Without any success.
Why I am doing it?
I have for domain ALIAS on AWS Cloudfront with offered certificate.
I want enable DNSSEC for this ALIAS and don't know what is the best way without loosinng possibility of Certificate.
Can you please, share your suggestions, how I can achieve solution?
Sadly, Amazon AWS' Route 53 service does not, currently, support your workflow.
Route 53 supports DNSSEC for domain registration but does not support DNSSEC for DNS service.(from AWS Route 53 Support docs)