dnssec template

template Settings

template Specification

Type Collection
Object Key(s) dnssec-temp-name
Collection Name template-list
Collection URI /axapi/v3/dnssec/template/
Element Name template
Element URI /axapi/v3/dnssec/template/{dnssec-temp-name}
Element Attributes template_attributes
Schema template schema

Operations Allowed:

Operation Method URI Payload

Create Object

POST

/axapi/v3/dnssec/template/

template Attributes

Create List

POST

/axapi/v3/dnssec/template/

template Attributes

Get Object

GET

/axapi/v3/dnssec/template/{dnssec-temp-name}

template Attributes

Get List

GET

/axapi/v3/dnssec/template/

template-list

Modify Object

POST

/axapi/v3/dnssec/template/{dnssec-temp-name}

template Attributes

Replace Object

PUT

/axapi/v3/dnssec/template/{dnssec-temp-name}

template Attributes

Replace List

PUT

/axapi/v3/dnssec/template/

template-list

Delete Object

DELETE

/axapi/v3/dnssec/template/{dnssec-temp-name}

template Attributes

template-list

template-list is JSON List of template Attributes

template-list : [

template Attributes

algorithm

Description: ‘RSASHA1’: RSASHA1 algorithm; ‘RSASHA256’: RSASHA256 algorithm; ‘RSASHA512’: RSASHA512 algorithm;

Type: string

Supported Values: RSASHA1, RSASHA256, RSASHA512

combinations-limit

Description: the max number of combinations per RRset (Default value is 31)

Type: number

Range: 1-65535

dnskey-ttl-k

Description: The TTL value of DNSKEY RR

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

dnskey-ttl-v

Description: in seconds, 14400 seconds by default

Type: number

Range: 1-864000

Default: 14400

dnssec-temp-name

Description: DNSSEC Template Name

Type: string

Required: Yes

dnssec-template-ksk

Description: dnssec-template-ksk is a JSON Block . Please see below for dnssec-template-ksk

Type: Object

dnssec-template-zsk

Description: dnssec-template-zsk is a JSON Block . Please see below for dnssec-template-zsk

Type: Object

enable-nsec3

Description: enable NSEC3 support. disabled by default

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

hsm

Description: specify the HSM template

Type: string

Reference Object: /axapi/v3/hsm/template

return-nsec-on-failure

Description: return NSEC/NSEC3 or not on failure case. return by default

Type: boolean

Supported Values: true, false, 1, 0

Default: 1

signature-validity-period-k

Description: The period that a signature is valid

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

signature-validity-period-v

Description: in days, 10 days by default

Type: number

Range: 5-30

Default: 10

user-tag

Description: Customized tag

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

dnssec-template-ksk

Specification
Type object

ksk-keysize-k

Description: Specify the number of bits in the DNSSEC KSK keys

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ksk-keysize-v

Description: Default size is 2048 and must be an exact multiple of 64

Type: number

Range: 1024-4096

ksk-lifetime-k

Description: Set the lifetime for DNSSEC KSK keys in days

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ksk-lifetime-v

Description: Default value is 365 days

Type: number

Range: 2-3650

ksk-rollover-time-k

Description: Set the rollover time in days

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

zsk-rollover-time-v

Description: 7 days less than the lifetime by default

Type: number

Range: 1-3650

Default: 358

dnssec-template-zsk

Specification
Type object

zsk-keysize-k

Description: Specify the number of bits in the DNSSEC ZSK keys

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

zsk-keysize-v

Description: Default size is 2048 and must be an exact multiple of 64

Type: number

Range: 1024-4096

zsk-lifetime-k

Description: Set the lifetime for DNSSEC ZSK keys in days

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

zsk-lifetime-v

Description: Default value is 90 days

Type: number

Range: 2-3650

Default: 90

zsk-rollover-time-k

Description: Set the rollover time in days

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

zsk-rollover-time-v

Description: 7 days less than the lifetime by default

Type: number

Range: 1-3650

Default: 83