if DNSSEC was signed before DNS is disabled, it should be re-signed with the same keys when DNS is re-enabled.
it should be standard practice to check whether or not the DNSSEC is signed before disabling DNS so that DNSSEC can be re-signed after re-enabling DNS.
A better option would be for Plesk Panel to automatically recognize if DNSSEC was signed before DNS is disabled and then re-signing with the same keys when DNS is re-enabled. If this isn't a possibility, the next best thing would be, if DNSSEC is signed, to provide a warning to the user in the form of a confirmation prompt saying something to the effect that "doing this will unsign DNSSEC and you will need to manually re-enable DNSSEC for the domain. Do you wish to continue?".
This came up as an issue, not just because I had DNSSEC enabled, but because it was preventing me from being able to issue a Let's Encrypt certificate for the domain.
![](https://secure.gravatar.com/avatar/b2f4ff380473495e833a9235b8a36a7e?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)
Thank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
--
IG