1
TSIG API Question
Question asked by Rina Serafino - February 21 at 3:21 PM
Answered
The HTTP API in Simple DNS Plus is an easy 'no brainer' to figure out. 
With the exception of generating 'keys', however, the Documentation/Help does not elaborate or explain the API used for TSIG Dynamic Updates in any way at all. 
Does the TSIG API use the same 'GET/POST' functions and data fields as are used for the HTTP API??? 
For example POST:
addrecord?data=127.0.0.1&zone=example.com&name=subdomain&type=A&ttl=300
 
I am in the process of putting the 'finishing touches' on a Windows client application for the fully automated issuance, deployment and renewal of SSL/TLS Certificates through the "Let's Encrypt" Certificate Authority. 
One of the secure domain challenge/verification methods used by Let's Encrypt is 'dns01', which is the placement of a temporary 'challenge key' into a TXT record for each domain/subdomain being validated. 
These TXT records are then immediately removed upon validation being completed.  The entire process takes about 2-5 minutes. 
 
I have already completed API integration for the 15 most popular DNS daemons/services and I would very much like to include functionality for Simple DNS Plus. 
(Why???  Because, personally, I **really like** Simple DNS Plus, that's all.) 
Sorry for the long question but..., the good news is..., it should involve a fairly short answer. 
 
Thanks,
Rina
 

1 Reply

Reply to Thread
0
JH Software Replied
March 14 at 4:11 AM
Employee Post
>> Does the TSIG API use the same 'GET/POST' functions and data fields as are used for the HTTP API??? 
 
No. TSIG [signed] dynamic updates are updates sent through the DNS protocol - through DNS update requests - not via HTTP.
This process is described in various RFCs - let us know if you need details.
 
>> ...placement of a temporary 'challenge key' into a TXT record...
 
You can easily do this through the HTTP API "addrecord" and "deleterecord" functions.
See http://simpledns.com/swagger-ui/#/Records
 
Let us know if you need any assistance with this.
 
>> (Why???  Because, personally, I **really like** Simple DNS Plus, that's all.) 
 
Thank you very much. And we would certainly like to see Simple DNS Plus included as an option in your application.
 

Reply to Thread