projects / thirdparty / pdns.git / blame
| Commit | Line | Data |
|---|---|---|
| 0e2063c3 PL |
1 | CryptoKeys endpoint |
| 2 | =================== | |
| 3 | ||
| 4 | .. versionadded:: 4.1.0 | |
| 5 | ||
| 6 | These endpoints allow for the manipulation of DNSSEC crypto material. | |
| 7 | ||
| 8 | .. http:get:: /api/v1/servers/:server_id/zones/:zone_id/cryptokeys | |
| 9 | ||
| 10 | Get all :json:object:`CryptoKeys <CryptoKey>` for a zone, except the privatekey | |
| 11 | ||
| 12 | :param server_id: The name of the server | |
| 13 | :param zone_id: The id value of the :json:object:`Zone` | |
| 14 | ||
| 15 | .. http:post:: /api/v1/servers/:server_id/zones/:zone_id/cryptokeys | |
| 16 | ||
| 17 | This method adds a new key to a zone. | |
| 18 | The key can either be generated or imported by supplying the ``content`` parameter. | |
| 19 | ||
| 43215ca6 PL |
20 | if ``content``, ``bits`` and ``algo`` are null, a key will be generated based |
| 21 | on the :ref:`setting-default-ksk-algorithm` and :ref:`setting-default-ksk-size` | |
| 22 | sttings for a KSK and the :ref:`setting-default-zsk-algorithm` and :ref:`setting-default-zsk-size` | |
| 23 | options for a ZSK. | |
| 24 | ||
| 0e2063c3 PL |
25 | :param server_id: The name of the server |
| 26 | :param zone_id: The id value of the :json:object:`Zone` | |
| 27 | :reqjson string content: The private key to use (The format used is compatible with BIND and NSD/LDNS) | |
| 28 | :reqjson string keytype: Either "ksk" or "zsk" | |
| 29 | :reqjson bool active: If not set the key will not be active by default | |
| 30 | :reqjson int bits: Number of bits in the key (if ``content`` is not set) | |
| 31 | :reqjson int,string algo: The DNSSEC algorithm (if ``content`` is not set), see :ref:`dnssec-supported-algos` | |
| 32 | :statuscode 201: Everything was fine, returns all public data as a :json:object:`CryptoKey`. | |
| 33 | :statuscode 422: Returned when something is wrong with the content of the request. | |
| 34 | Contains an error message | |
| 35 | :resjson string error: Has the error message | |
| 36 | ||
| 37 | .. http:get:: /api/v1/servers/:server_id/zones/:zone_name/cryptokeys/:cryptokey_id | |
| 38 | ||
| 39 | Returns all data about the :json:object:`CryptoKey`, including the ``privatekey``. | |
| 40 | ||
| 41 | :param string server_id: The name of the server | |
| 42 | :param string zone_id: The id value of the :json:object:`Zone` | |
| 43 | :param string cryptokey_id: The id value of the :json:object:`CryptoKey` | |
| 44 | ||
| 45 | .. http:put:: /api/v1/servers/:server_id/zones/:zone_name/cryptokeys/:cryptokey_id | |
| 46 | ||
| 47 | This method (de)activates a key from ``zone_name`` specified by ``cryptokey_id``. | |
| 48 | ||
| 49 | :param string server_id: The name of the server | |
| 50 | :param string zone_id: The id value of the :json:object:`Zone` | |
| 51 | :param string cryptokey_id: The id value of the :json:object:`CryptoKey` | |
| 52 | :reqjson bool active: The new 'active' status of the key | |
| 53 | :statuscode 204: Everything was fine, the key with ``cryptokey_id`` is de/activated. | |
| 54 | :statuscode 422: Returned when something is wrong with the content of the request. | |
| 55 | Contains an error message | |
| 56 | :resjson string error: Has the error message | |
| 57 | ||
| 58 | .. http:delete:: /api/v1/servers/:server_id/zones/:zone_name/cryptokeys/:cryptokey_id | |
| 59 | ||
| 60 | This method deletes a key from ``zone_name`` specified by ``cryptokey_id``. | |
| 61 | ||
| 62 | :param string server_id: The name of the server | |
| 63 | :param string zone_id: The id value of the :json:object:`Zone` | |
| 64 | :param string cryptokey_id: The id value of the :json:object:`CryptoKey` | |
| 65 | :statuscode 200: Everything was fine, the key with ``cryptokey_id`` is gone | |
| 66 | :statuscode 422: Returned when the key could not be removed. | |
| 67 | Contains an error message | |
| 68 | :resjson string error: Has the error message |