Skip to content

dnskey

Configuration for dns key resource.

Properties

(click to see Operations)

NameData TypePermissionsDescription
keyname<String>Read-writeName of the public-private key pair to publish in the zone.
Minimum length = 1
publickey<String>Read-writeFile name of the public key.
privatekey<String>Read-writeFile name of the private key.
expires<Double>Read-writeTime period for which to consider the key valid, after the key is used to sign a zone.
Default value: 120
Minimum value = 1
Maximum value = 32767
units1<String>Read-writeUnits for the expiry period.
Default value: DAYS
Possible values = MINUTES, HOURS, DAYS
notificationperiod<Double>Read-writeTime at which to generate notification of key expiration, specified as number of days, hours, or minutes before expiry. Must be less than the expiry period. The notification is an SNMP trap sent to an SNMP manager. To enable the appliance to send the trap, enable the DNSKEY-EXPIRY SNMP alarm.
Default value: 7
Minimum value = 1
Maximum value = 32767
units2<String>Read-writeUnits for the notification period.
Default value: DAYS
Possible values = MINUTES, HOURS, DAYS
ttl<Double>Read-writeTime to Live (TTL), in seconds, for the DNSKEY resource record created in the zone. TTL is the time for which the record must be cached by the DNS proxies. If the TTL is not specified, either the DNS zone's minimum TTL or the default value of 3600 is used.
Default value: 3600
Minimum value = 0
Maximum value = 2147483647
password<String>Read-writePassphrase for reading the encrypted public/private DNS keys.
Minimum length = 1
zonename<String>Read-writeName of the zone for which to create a key.
Minimum length = 1
keytype<String>Read-writeType of key to create.
Default value: NS_DNSKEY_ZSK
Possible values = KSK, KeySigningKey, ZSK, ZoneSigningKey
algorithm<String>Read-writeAlgorithm to generate for zone signing.
Default value: NS_DNSKEYALGO_RSASHA1
Possible values = RSASHA1
keysize<Double>Read-writeSize of the key, in bits.
Default value: 512
filenameprefix<String>Read-writeCommon prefix for the names of the generated public and private key files and the Delegation Signer (DS) resource record. During key generation, the .key, .private, and .ds suffixes are appended automatically to the file name prefix to produce the names of the public key, the private key, and the DS record, respectively.
src<String>Read-writeURL (protocol, host, path, and file name) from where the DNS key file will be imported. NOTE: The import fails if the object to be imported is on an HTTPS server that requires client certificate authentication for access. This is a mandatory argument.
Minimum length = 1
Maximum length = 2047
__count<Double>Read-onlycount parameter

Operations

(click to see Properties)

ADD| CREATE| UPDATE| UNSET| DELETE| IMPORT| GET (ALL)| GET| COUNT

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Note:

Mandatory parameters are marked in redand placeholder content is marked in <green>.

add

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"dnskey":{
<b>"keyname":<String_value>,
</b><b>"publickey":<String_value>,
</b><b>"privatekey":<String_value>,
</b>"expires":<Double_value>,
"units1":<String_value>,
"notificationperiod":<Double_value>,
"units2":<String_value>,
"ttl":<Double_value>,
"password":<String_value>
}}

Response:

HTTP Status Code on Success: 201 Created HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

create

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?action=create

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"dnskey":{
<b>"zonename":<String_value>,
</b><b>"keytype":<String_value>,
</b><b>"algorithm":<String_value>,
</b><b>"keysize":<Double_value>,
</b><b>"filenameprefix":<String_value>,
</b>"password":<String_value>
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"dnskey":{
<b>"keyname":<String_value>,
</b>"expires":<Double_value>,
"units1":<String_value>,
"notificationperiod":<Double_value>,
"units2":<String_value>,
"ttl":<Double_value>
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"dnskey":{
<b>"keyname":<String_value>,
</b>"expires":true,
"units1":true,
"notificationperiod":true,
"units2":true,
"ttl":true
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

delete

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey/keyname_value<String>

HTTP Method:DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

Import

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?action=Import

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"dnskey":{
<b>"keyname":<String_value>,
</b><b>"src":<String_value>
</b>}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

filter

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?filter=property-name1:property-val1,property-name2:property-val2

Use this query-parameter to get the filtered set of dnskey resources configured on Citrix ADC. Filtering can be done on any of the properties of the resource.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

pagination

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?pagesize=#no;pageno=#no

Use this query-parameter to get the dnskey resources in chunks.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "dnskey": [ {
"keyname":<String_value>,
"publickey":<String_value>,
"privatekey":<String_value>,
"expires":<Double_value>,
"units1":<String_value>,
"notificationperiod":<Double_value>,
"units2":<String_value>,
"ttl":<Double_value>,
"zonename":<String_value>,
"password":<String_value>
}]}

get

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey/keyname_value<String>

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey/keyname_value<String>?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey/keyname_value<String>?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "dnskey": [ {
"keyname":<String_value>,
"publickey":<String_value>,
"privatekey":<String_value>,
"expires":<Double_value>,
"units1":<String_value>,
"notificationperiod":<Double_value>,
"units2":<String_value>,
"ttl":<Double_value>,
"zonename":<String_value>,
"password":<String_value>
}]}

count

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/dnskey?count=yes

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "dnskey": [ { "__count": "#no"} ] }