Cryptokeys
Allows for modifying DNSSEC key material via the API.
Endpoints
-
GET
/servers/{server_id}/zones/{zone_id}/cryptokeys
Get all CryptoKeys for a zone, except the privatekey
Parameters: |
- server_id (string) – The id of the server to retrieve
- zone_id (string) – The id of the zone to retrieve
|
Status Codes: |
|
-
POST
/servers/{server_id}/zones/{zone_id}/cryptokeys
Creates a Cryptokey
This method adds a new key to a zone. The key can either be generated or imported by supplying the content parameter. if content, bits and algo are null, a key will be generated based on the default-ksk-algorithm and default-ksk-size settings for a KSK and the default-zsk-algorithm and default-zsk-size options for a ZSK.
Parameters: |
- server_id (string) – The id of the server to retrieve
- zone_id (string) –
|
Status Codes: |
|
-
GET
/servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}
Returns all data about the CryptoKey, including the privatekey.
Parameters: |
- server_id (string) – The id of the server to retrieve
- zone_id (string) – The id of the zone to retrieve
- cryptokey_id (string) – The id value of the CryptoKey
|
Status Codes: |
|
-
PUT
/servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}
This method (de)activates a key from zone_name specified by cryptokey_id
Parameters: |
- server_id (string) – The id of the server to retrieve
- zone_id (string) –
- cryptokey_id (string) – Cryptokey to manipulate
|
Status Codes: |
|
-
DELETE
/servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}
This method deletes a key specified by cryptokey_id.
Parameters: |
- server_id (string) – The id of the server to retrieve
- zone_id (string) – The id of the zone to retrieve
- cryptokey_id (string) – The id value of the Cryptokey
|
Status Codes: |
|
Objects
-
Cryptokey
Describes a DNSSEC cryptographic key
Object Properties: |
|
- type (string) – set to “Cryptokey”
- id (integer) – The internal identifier, read only
- keytype (string) –
- active (boolean) – Whether or not the key is in active use
- published (boolean) – Whether or not the DNSKEY record is published in the zone
- dnskey (string) – The DNSKEY record for this key
- ds ([string]) – An array of DS records for this key
- cds ([string]) – An array of DS records for this key, filtered by CDS publication settings
- privatekey (string) – The private key in ISC format
- algorithm (string) – The name of the algorithm of the key, should be a mnemonic
- bits (integer) – The size of the key
|