APIRef_tm_ltm_dns_dnssec_keyΒΆ

mgmt/tm/ltm/dns/dnssec/key

/tm/ltm/dns/dnssec

DNSSEC key configuration

REST Endpoints

Collection URI
/mgmt/tm/ltm/dns/dnssec/key
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/ltm/dns/dnssec/key/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, subPath

Properties

Name Type Default Value Required Access Description
algorithm string rsasha1 optional read/write Specifies the algorithm to use to generate the key. The default value is RSASHA1.
appService string   optional read/write The application service to which the object belongs.
bitWidth integer 1024 optional read/write Specifies the length of the key you want to generate. The default value is 1024. If the key is manually managed, MCPD will derive this value from the key file.
certificateFile string   optional read/write Specifies the file containing the public key. Fields certificate-file and key-file are required for manual DNSSEC key import.
description string   optional read/write User defined description.
disabled boolean true optional read/write Specifies that the DNSSEC key is disabled.
enabled boolean true optional read/write Specifies that the DNSSEC key is enabled.
expirationPeriod string 0 optional read/write Specifies the length of time before the key expires. The default value is 0 (zero). This value must be greater than the value of the rollover-period option.
keyFile string   optional read/write Specifies the file containing the private key. Fields certificate-file and key-file are required for manual DNSSEC key import.
keyType string zsk optional read/write Specifies whether the key is of type KSK or ZSK. The default value is ZSK.
rolloverPeriod string 0 optional read/write Specifies the length of time before the key changes to another key. The default value is 0 (zero). This value must be less than the value of the expiration-period option.
signaturePubPeriod string 403200 optional read/write Specifies the length of time before we create a new signature. The default value is 403200.
signatureValidPeriod string 604800 optional read/write Specifies the length of time (seconds) that the signature of the key is valid. The default value is 604800.
ttl integer 86400 optional read/write Specifies the number of seconds that a DNS server can cache the key. The default value is 86400.
useFips string none optional read/write Specifies the type of FIPS-compliant hardware security module to use when storing, and signing with, the private key. The default value is none. Optionally external or internal.

Subcollections

Name Type Default Value Required Access Description
tm-generation array_structure   optional read/write DNSSEC key generation configuration
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.