dnssec template¶
template Settings
template Specification¶
Type Collection Object Key(s) dnssec-temp-name Collection Name template-list Collection URI /axapi/v3/dnssec/template Element Name template Element URI /axapi/v3/dnssec/template/{dnssec-temp-name} Element Attributes template_attributes Schema template schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/dnssec/template | ||
Create List | POST | /axapi/v3/dnssec/template | ||
Get Object | GET | /axapi/v3/dnssec/template/{dnssec-temp-name} | ||
Get List | GET | /axapi/v3/dnssec/template | ||
Modify Object | POST | /axapi/v3/dnssec/template/{dnssec-temp-name} | ||
Replace Object | PUT | /axapi/v3/dnssec/template/{dnssec-temp-name} | ||
Replace List | PUT | /axapi/v3/dnssec/template | ||
Delete Object | DELETE | /axapi/v3/dnssec/template/{dnssec-temp-name} |
template-list¶
template-list is JSON List of template attributes
template-list : [
]
template attributes¶
algorithm
Description ‘RSASHA1’: RSASHA1 algorithm; ‘RSASHA256’: RSASHA256 algorithm; ‘RSASHA512’: RSASHA512 algorithm;
Type: string
Supported Values: RSASHA1, RSASHA256, RSASHA512
combinations-limit
Description the max number of combinations per RRset (Default value is 31)
Type: number
Range: 1-65535
dnskey-ttl-k
Description The TTL value of DNSKEY RR
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dnskey-ttl-v
Description in seconds, 14400 seconds by default
Type: number
Range: 1-864000
Default: 14400
dnssec-temp-name
Description DNSSEC Template Name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
dnssec-template-ksk
Description: dnssec-template-ksk is a JSON Block. Please see below for dnssec-template-ksk
Type: Object
dnssec-template-zsk
Description: dnssec-template-zsk is a JSON Block. Please see below for dnssec-template-zsk
Type: Object
enable-nsec3
Description enable NSEC3 support. disabled by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hsm
Description specify the HSM template
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/hsm/template
return-nsec-on-failure
Description return NSEC/NSEC3 or not on failure case. return by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
signature-validity-period-k
Description The period that a signature is valid
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
signature-validity-period-v
Description in days, 10 days by default
Type: number
Range: 5-30
Default: 10
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dnssec-template-ksk¶
Specification Type object ksk-keysize-k
Description Specify the number of bits in the DNSSEC KSK keys
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ksk-keysize-v
Description Default size is 2048 and must be an exact multiple of 64
Type: number
Range: 1024-4096
ksk-lifetime-k
Description Set the lifetime for DNSSEC KSK keys in days
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ksk-lifetime-v
Description Default value is 365 days
Type: number
Range: 2-3650
ksk-rollover-time-k
Description Set the rollover time in days
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
zsk-rollover-time-v
Description 7 days less than the lifetime by default
Type: number
Range: 1-3650
Default: 358
dnssec-template-zsk¶
Specification Type object zsk-keysize-k
Description Specify the number of bits in the DNSSEC ZSK keys
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
zsk-keysize-v
Description Default size is 2048 and must be an exact multiple of 64
Type: number
Range: 1024-4096
zsk-lifetime-k
Description Set the lifetime for DNSSEC ZSK keys in days
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
zsk-lifetime-v
Description Default value is 90 days
Type: number
Range: 2-3650
Default: 90
zsk-rollover-time-k
Description Set the rollover time in days
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
zsk-rollover-time-v
Description 7 days less than the lifetime by default
Type: number
Range: 1-3650
Default: 83