APIRef_tm_ltm_dns_dnssec_keyΒΆ
mgmt/tm/ltm/dns/dnssec/key
DNSSEC key configuration
REST Endpoints
- Collection URI
/mgmt/tm/ltm/dns/dnssec/key
- Collection Methods
OPTIONS, GET
- Resource URI
/mgmt/tm/ltm/dns/dnssec/key/~resource id
- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
- Resource Natural Key
name, subPath
Properties
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
algorithm |
string | rsasha1 | optional | read/write | Specifies the algorithm to use to generate the key. The default value is RSASHA1. |
appService |
string | optional | read/write | The application service to which the object belongs. | |
bitWidth |
integer | 1024 | optional | read/write | Specifies the length of the key you want to generate. The default value is 1024. If the key is manually managed, MCPD will derive this value from the key file. |
certificateFile |
string | optional | read/write | Specifies the file containing the public key. Fields certificate-file and key-file are required for manual DNSSEC key import. | |
description |
string | optional | read/write | User defined description. | |
disabled |
boolean | true | optional | read/write | Specifies that the DNSSEC key is disabled. |
enabled |
boolean | true | optional | read/write | Specifies that the DNSSEC key is enabled. |
expirationPeriod |
string | 0 | optional | read/write | Specifies the length of time before the key expires. The default value is 0 (zero). This value must be greater than the value of the rollover-period option. |
keyFile |
string | optional | read/write | Specifies the file containing the private key. Fields certificate-file and key-file are required for manual DNSSEC key import. | |
keyType |
string | zsk | optional | read/write | Specifies whether the key is of type KSK or ZSK. The default value is ZSK. |
rolloverPeriod |
string | 0 | optional | read/write | Specifies the length of time before the key changes to another key. The default value is 0 (zero). This value must be less than the value of the expiration-period option. |
signaturePubPeriod |
string | 403200 | optional | read/write | Specifies the length of time before we create a new signature. The default value is 403200. |
signatureValidPeriod |
string | 604800 | optional | read/write | Specifies the length of time (seconds) that the signature of the key is valid. The default value is 604800. |
ttl |
integer | 86400 | optional | read/write | Specifies the number of seconds that a DNS server can cache the key. The default value is 86400. |
useFips |
string | none | optional | read/write | Specifies the type of FIPS-compliant hardware security module to use when storing, and signing with, the private key. The default value is none. Optionally external or internal. |
Subcollections
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
tm-generation |
array_structure | optional | read/write | DNSSEC key generation configuration |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.