Cryptokeys

New in version 4.1.0.

Allows for modifying DNSSEC key material via the API.

Endpoints

GET /servers/{server_id}/zones/{zone_id}/cryptokeys

Get all CryptoKeys for a zone, except the privatekey

Parameters:

• server_id (string) – The id of the server to retrieve
• zone_id (string) – The id of the zone to retrieve

Status Codes:

• 200 OK – List of Cryptokey objects Returns: array of Cryptokey objects

POST /servers/{server_id}/zones/{zone_id}/cryptokeys

Creates a Cryptokey

This method adds a new key to a zone. The key can either be generated or imported by supplying the content parameter. if content, bits and algo are null, a key will be generated based on the default-ksk-algorithm and default-ksk-size settings for a KSK and the default-zsk-algorithm and default-zsk-size options for a ZSK.

Parameters:

• server_id (string) – The id of the server to retrieve
• zone_id (string) –

Status Codes:

• 201 Created – Created Returns: Cryptokey object

GET /servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}

Returns all data about the CryptoKey, including the privatekey.

Parameters:

• server_id (string) – The id of the server to retrieve
• zone_id (string) – The id of the zone to retrieve
• cryptokey_id (string) – The id value of the CryptoKey

Status Codes:

• 200 OK – Cryptokey Returns: Cryptokey object

PUT /servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}

This method (de)activates a key from zone_name specified by cryptokey_id

Parameters:

• server_id (string) – The id of the server to retrieve
• zone_id (string) –
• cryptokey_id (string) – Cryptokey to manipulate

Status Codes:

• 204 No Content – OK
• 422 Unprocessable Entity – Returned when something is wrong with the content of the request. Contains an error message

DELETE /servers/{server_id}/zones/{zone_id}/cryptokeys/{cryptokey_id}

This method deletes a key specified by cryptokey_id.

Parameters:

• server_id (string) – The id of the server to retrieve
• zone_id (string) – The id of the zone to retrieve
• cryptokey_id (string) – The id value of the Cryptokey

Status Codes:

• 204 No Content – OK
• 422 Unprocessable Entity – Returned when something is wrong with the content of the request. Contains an error message

Objects

Cryptokey

Describes a DNSSEC cryptographic key

Object Properties:  

• type (string) – set to “Cryptokey”
• id (integer) – The internal identifier, read only
• keytype (string) –
• active (boolean) – Whether or not the key is in active use
• published (boolean) – Whether or not the DNSKEY record is published in the zone
• dnskey (string) – The DNSKEY record for this key
• ds ([string]) – An array of DS records for this key
• privatekey (string) – The private key in ISC format
• algorithm (string) – The name of the algorithm of the key, should be a mnemonic
• bits (integer) – The size of the key