Resolution Issues for .de Domains

Incident Report for Cloudflare

Resolved

This incident has been resolved.
Posted May 06, 2026 - 15:09 UTC

Update

We have removed our mitigations and we are monitoring the results.
Posted May 06, 2026 - 12:40 UTC

Monitoring

The issue has been identified as a DNSSEC signing problem at DENIC, the organization responsible for the .DE top-level domain. Cloudflare has temporarily disabled DNSSEC validation for .de domains on 1.1.1.1 resolver (as per RFC 7646) in order to allow .DE names to continue to resolve. DNSSEC validation will be re-enabled when the signing problems at DENIC are known to have been resolved.

See RFC 7646 for more details:
https://datatracker.ietf.org/doc/html/rfc7646
Posted May 05, 2026 - 22:37 UTC

Update

We are continuing to work on a fix for this issue.
Posted May 05, 2026 - 22:14 UTC

Update

We are continuing to work on a fix for this issue.
Posted May 05, 2026 - 22:07 UTC

Update

The issue has been identified as a DNSSEC signing problem at DENIC, the organization responsible for the .DE top-level domain. Cloudflare is temporarily disabling DNSSEC validation for .de domains on 1.1.1.1 resolver (as per RFC 7646) in order to allow .DE names to continue to resolve. DNSSEC validation will be re-enabled when the signing problems at DENIC are known to have been resolved.

See RFC 7646 for more details:
https://datatracker.ietf.org/doc/html/rfc7646
Posted May 05, 2026 - 22:01 UTC

Identified

The issue has been identified and a fix is being implemented.
Posted May 05, 2026 - 21:20 UTC

Investigating

We are observing issues with authoritative resolution for the .de TLD.
Posted May 05, 2026 - 21:17 UTC
This incident affected: Cloudflare Sites and Services (Recursive DNS).
Current Status Powered by Atlassian Statuspage