I have a .leg.br domain It's a government dns domain, in this domain it is mandatory to use dnssec, but they told me I need to configure dnssec in my server to the domain works, main question is: How to enable dnssec on a vps hosting or via cpanel? How do I get DS.NAMESERVER.COM insted of NS.NAMESERVER.COM ?
Due to internal bureaucracy they did't accepted the cloudeflare DNSSEC option because it need to be pointed without dnssec first to next enable dnssec The domain it's already with dnssec enable but they don't give me ownership of the domain they don't even allow me to edit nameservers and things like that, what they told me is that I need to configure DNSSEC in my server and send them the Authoritative records. so this way they will put records in the domain that's the question , How can I enable DNSSEC in my vps. or create a DNSSEC server in my vps?
If you must support DNSSEC, your best bet is to use a DNS hosting service that supports managed DNSSEC. Your VPS hosting service won't be one of them, and cpanel does not support it either, I would expect.
Your choices right now (March 2017) are basically CloudFlare (if it has to be free, and if leg.br registry supports ECDSA DNSSEC keys), or Google Cloud DNS alpha support for DNSSEC. I believe that Verisign offers managed DNSSEC as well, but perhaps only if they are your registrar, and if so I doubt they are able to support .leg.br domains.