Ascio Web Service v3
Python CreateDnsSecKey
DNSSEC is an extension to DNS that enables clients (like a web browser) to make sure that it is
accessing the domain that wants to access. DNSSEC was designed to protect clients from forged DNS data. When a DNSSEC-enabled name server is responding to a query for a domain that is DNSSEC-enabled, it
digitally signs the response, allowing the client to verify the authenticity of the response.
AWS allows you to register domains that are DNSSEC-enabled with the NIC. Note that the relevant NIC
needs to support DNSSEC for this to happen. You do this by creating DNSSEC Key Objects (handles), and you then specify up to five of these on your
orders. At the time of writing, AWS only supports DNSSEC for .SE, .FI, .EU, .NL. Refer to the relevant TLD Kits for additional information.
Also see the documentation for the DnsSecKey object in this document. Additional reading: http://en.wikipedia.org/wiki/Dnssec
Always get the right IP-address
CreateDnsSecKeyResponse CreateDnsSecKey(SecurityHeaderDetails securityHeader,CreateDnsSecKeyRequest request)
Response codes
ResultCode | Message | Value |
---|---|---|
200 | OK | |
401 | Authorization failed | |
501 | Syntax error in parameters or arguments | |
506 | Required attribute missing in request |
CreateDnsSecKey Request
Property |
---|
request |
CreateDnsSecKeyResponse
Property | Description |
---|---|
CreateDnsSecKeyResult | |
DnsSecKey | |
ResultCode | Example: 1 |
ResultMessage | |
Errors |
Used in Classes
Python example
import zeep
import base64
from zeep import xsd, Client, Settings
# This is the test-environment. Please remove "demo." for the live-environment
wsdl = "https://aws.demo.ascio.com/v3/aws.wsdl"
settings = Settings(strict=False)
client = zeep.Client(wsdl=wsdl, settings=settings)
client.set_ns_prefix('v3','http://www.ascio.com/2013/02')
security_header_details = xsd.Element(
'{http://www.ascio.com/2013/02}SecurityHeaderDetails',
xsd.ComplexType([
xsd.Element(
'{http://www.ascio.com/2013/02}Account',
xsd.String()),
xsd.Element(
'{http://www.ascio.com/2013/02}Password',
xsd.String())
])
)
# Please enter your ascio credentials here
security_header_details_value = security_header_details(Account='account', Password='password')
# Please enter the impersonated account here
impersonation_header_details = xsd.Element(
'{http://www.ascio.com/2013/02}ImpersonationHeaderDetails',
xsd.ComplexType([
xsd.Element(
'{http://www.ascio.com/2013/02}TransactionAccount',
xsd.String())
])
)
impersonation_header_details_values = impersonation_header_details(TransactionAccount = 'sub-account')
# DnsSecKey
dnsSecKey = {
"Handle" : "JD123",
"Status" : "StatusTest",
"DigestAlgorithm" : "RSA-SHA256",
"DigestType" : "SHA-256",
"Digest" : "846E5ED4AB6788032B89393619752F662CF2B7B2046A8EC0804DF88F1469AC1E",
"Protocol" : "ProtocolTest",
"KeyType" : "KeyTypeTest",
"KeyAlgorithm" : "KeyAlgorithmTest",
"KeyTag" : "2224",
"PublicKey" : "PublicKeyTest"
}
# CreateDnsSecKeyRequest
request = {
"DnsSecKey" : dnsSecKey
}
result = client.service.CreateDnsSecKey(_soapheaders=[security_header_details_value, impersonation_header_details_values],request = request)
print(result)
https://aws.demo.ascio.com/v3/aws.wsdl (OTE)
https://aws.ascio.com/v3/aws.wsdl (Live)
Please configure the IP-Whitelisting in the portal/demo-portal.