DnsEditor
Multi-Provider DNS Zone Editor. Manage your DNS zones across Cloudflare, AWS Route 53, Google Cloud DNS, and BIND9 servers — all from a single native app on your Mac, iPhone, or iPad.
Designed for system administrators, DevOps engineers, and anyone who manages DNS across multiple providers.
Connect to Cloudflare, AWS Route 53, Google Cloud DNS, or your own BIND9 servers — all from one app.
Create and edit A, AAAA, CNAME, DS, MX, TLS, TXT, SRV, SSHFP, NS, PTR, and CAA records with intuitive type-specific editors.
View DNSSEC status at a glance, inspect DS and DNSKEY records, and verify delegation signer configurations.
Generate and verify TLSA/SSHFP records for DANE and ssh by fetching certificates directly from your servers.
Validate DS records against published DNSKEY records to ensure proper DNSSEC delegation.
Auto-hides complex DNSSEC chain records (RRSIG, NSEC) while displaying the records you need to manage.
Configure multiple DNS providers and switch between them effortlessly. Mix cloud and self-hosted DNS.
Manage your zones from anywhere — with a clean interface designed for Apple platforms.
After entering your TSIG credentials, tap "Test Key" to send a signed query to the server and verify the key is accepted — before saving the provider. The app validates Base64 format and key length against the selected algorithm in real time.
The TSIG authentication section now provides dedicated fields for key name, algorithm, and secret, making it easier to enter credentials directly. Import from a BIND key file is still available via a disclosure group.
All editor sheets on macOS are now presented as resizable panel windows. Resize the provider editor, record editor, DS chain validation, and scanner windows to suit your workflow.
The LOC record editor now features a "Fuzz" button to randomise coordinates within a configurable radius, and a live map preview that updates as you edit.
Scan all A/AAAA hosts in a zone for TLS certificates and generate or update TLSA records (DANE-EE 3 1 1). Review results before applying, with automatic detection of new, changed, and unchanged records.
Scan all hosts for SSH keys and manage SSHFP records across the entire zone. Detects new keys, orphaned records for removed hosts, and fingerprint changes with man-in-the-middle warnings requiring explicit confirmation.
The LOC record editor now includes a "Current Location" button to auto-fill coordinates from your device. The QuickLook viewer shows a map preview with the location pinned.
Zone scanners, DS chain validation, undo history, and refresh are consolidated into a single overflow menu on iOS, keeping the toolbar clean on smaller screens.
Preview read-only records without leaving the record list. On macOS, a floating panel keeps keyboard focus on the main window. On iPad, use arrow keys or toolbar buttons. On iPhone, use the navigation buttons.
View a KSK DNSKEY record and copy a ready-to-use DS record (SHA-256) to the clipboard for pasting into your registrar's control panel.
All records now show a "View" option in the context menu (long press or right-click), making it easy to preview any record in QuickLook mode.
The record type filter menu is now sorted alphabetically, making it easier to find specific record types like AAAA right after A.
Full IDN support with Punycode encoding. Domains like "høsteng.no" display in Unicode while automatically encoding to "xn--hsteng-bya.no" for DNS operations.
Improved record management using Google's Changes API for more reliable create, update, and delete operations.
AAAA records now display IPv6 addresses in compressed format (e.g., ::1 instead of 0:0:0:0:0:0:0:1) for easier reading.
DNSSEC-signed zones hosted on Cloudflare, Route 53, and Google Cloud DNS are now correctly detected and display the DNSSEC badge.
Toolbar buttons on iPad now display directly in the toolbar without requiring an overflow menu.