Understanding How The API Works »
Get TLSA Records using the API requires specific syntax depending on whether you are using REST or SOAP. Use this table to find the syntax for your command.
See RFC 6698 for more information about TLSA records.
REST Syntax
| Click to view all REST Resources |
| /REST/TLSARecord/ GET– Retrieve one or all existing TLSA Record on the zone/node indicated.
HTTP Action — GET
URIs:
Get One TLSA Record — https://api.dynect.net/REST/TLSARecord/<zone>/<fqdn>/<recordID>/
Get TLSA Records — https://api.dynect.net/REST/TLSARecord/<zone>/<fqdn>/ |
| Arguments — No Arguments. |
| Response:
Get One TLSA Record — Click for More Info
- string
zone — Name of the zone.
- string
fqdn — Fully qualified domain name of a node in the zone.
- hash
rdata — RData defining the record to add.
- string
cert_usage — Specifies the provided association that will be used to match the certificate presented in the TLS handshake.
- string
selector — Specifies which part of the TLS certificate presented by the server will be matched against the association data.
- string
match_type — Specifies how the certificate association is presented.
- string
certificate — Full certificate or its SubjectPublicKeyInfo, or hash based on the matching type.
- string
ttl — TTL for the record.
Get TLSA Records: array – Individual Records. |
SOAP Syntax
| Click to view all SOAP Commands |
GetOneTLSARecord — Get one TLSA Record on the zone/node indicated.
GetTLSARecord — Get all TLSA Records on the zone/node indicated. |
| Arguments:
GetOneTLSARecord — Click for More Info
- string
zone — Required. Name of zone where the record will be removed.
- string
fqdn — Required. Name of node where the record will be removed.
- string
record_id — Unique identifier of the record to remove.
- hash
rdata — RData defining the record to delete.
- string
cert_usage — Required. Specifies the provided association that will be used to match the certificate presented in the TLS handshake. Example values: 0 (CA constraint), 1 (Service certificate constraint), 2 (Trust anchor assertion ), 3 (Domain-issued certificate)
- string
selector — Required. Specifies which part of the TLS certificate presented by the server will be matched against the association data. Example values: 0 (Full certificate), 1 (SubjectPublicKeyInfo)
- string
match_type — Required. Specifies how the certificate association is presented. Example values: 0 (No hash used), 1 (SHA-256), 2 (SHA-512)
- string
certificate — Required. Full certificate or its SubjectPublicKeyInfo, or hash based on the matching type.
- string
ttl — TTL for the record in seconds. Set to “0” to use zone default.
- string
token — Required. The session identifier.
GetTLSARecords — Click for More Info
- string
zone — Required. Name of zone where the records are.
- string
fqdn — Required. Name of node where the records are.
- string
token — Required. The session identifier.
|
Response:
GetOneTLSARecord — Click for More Info
- hash
data
- string
zone — Name of the zone.
- string
fqdn — Fully qualified domain name of a node in the zone.
- hash
rdata — RData defining the record to add.
- string
cert_usage — Specifies the provided association that will be used to match the certificate presented in the TLS handshake.
- string
selector — Specifies which part of the TLS certificate presented by the server will be matched against the association data.
- string
match_type — Specifies how the certificate association is presented.
- string
certificate — Full certificate or its SubjectPublicKeyInfo, or hash based on the matching type.
- string
ttl — TTL for the record.
- string
token — The session identifier.
GetTLSARecords — Click for More Info
- array
data
- string
zone — Name of the zone.
- string
fqdn — Fully qualified domain name of a node in the zone.
- hash
rdata — RData defining the record to add.
- string
cert_usage — Specifies the provided association that will be used to match the certificate presented in the TLS handshake.
- string
selector — Specifies which part of the TLS certificate presented by the server will be matched against the association data.
- string
match_type — Specifies how the certificate association is presented.
- string
certificate — Full certificate or its SubjectPublicKeyInfo, or hash based on the matching type.
- string
ttl — TTL for the record.
- string
token — The session identifier.
|
| Example Request:
GetOneTLSARecord — Click for More Info
{
'zone' => 'example.com',
'fqdn' => 'www.example.com',
'record_id' => '43',
'rdata' => {
'cert_usage' => '0',
'selector' => '0',
'match_type' => '1',
'certificate' => 'k3ie9dowkd . . . ',
},
'token' => 'asdlkfjasl23j4879afa',
'ttl' => '3600',
}
GetTLSARecords — Click for More Info
{
'zone' => 'example.com',
'fqdn' => 'www.example.com',
'token' => 'asdlkfjasl23j4879afa',
}
|
<< DNS API Knowledge Base
