Table of Contents

Function

The DNSSecKeyRollover task renews the KSK key (key signing key) of a DNSSEC-signed domain.
The KSK is automatically transmitted to the registry. A key rollover may be necessary for operational reasons or for security reasons if one or more keys have been compromised.

The last key rollover of a domain can be displayed with DNSSEC Info. With DNSSEC List the key rollovers of all domains signed with DNSSEC can be displayed.

The last key rollover of a domain can be inquired with DNSSEC Info. With DNSSEC List the key rollovers of all domains signed with DNSSEC can be inquired.

Description

Route: PUT ​/domain/{name}/_autoDnssecKeyRollover
There is no need to send a body with it.

Request 
{
}
Response 
{
    "stid": "20210423-app-14965",
    "status": {
        "code": "N0120002",
        "text": "The DNSSEC key rollover was startet successfully.",
        "type": "NOTIFY"
    },
    "object": {
        "type": "AutoDnssec",
        "value": "example.com"
    },
    "data": [
        {
            "created": "2021-04-23T12:22:19.605+0200",
            "updated": "2021-04-23T12:22:19.605+0200",
            "owner": {
                "context": 4,
                "user": "customer"
            },
            "updater": {
                "context": 4,
                "user": "customer"
            },
            "status": "NOT_SET",
            "execution": "2021-04-23T12:22:19.000+0200",
            "id": 4307991758
        }
    ]
}

Task code: 0120002
Uses Auto_DNSSEC object

Request 
<request>
	<auth>
		<user>customer</user>
		<context>4</context>
		<password>password</password>
	</auth>
	<owner>
		<user>customer2</user>
		<context>4</context>
	</owner>
	<task>
		<code>0120002</code>
		<auto_dnssec>
			<name>example.com</name>
		</auto_dnssec>
	</task>
</request>
Response 
<response>
	<result>
		<data>
			<auto_dnssec_job>
				<job>
					<id>3603918</id>
					<status>NOT_SET</status>
				</job>
			</auto_dnssec_job>
		</data>
		<status>
			<code>N0120002</code>
			<text>The DNSSEC key rollover was startet successfully.</text>
			<type>notify</type>
			<object>
				<type>auto_dnssec</type>
				<value>example.com</value>
			</object>
		</status>
	</result>
	<stid>20150702-app-282</stid>
</response>