WHM API.
Download OpenAPI description
Overview
URL
WebPros International, LLC
License
Languages
Servers
Mock server
https://api.docs.cpanel.net/_mock/specifications/whm.openapi/
A server running WHM.
https://{host}:{port}/json-api/
Request
This function disables DNSSEC on the domain.
Note:
Only servers that run PowerDNS can use DNSSEC. If you call this function on a server that doesn't use PowerDNS, you will receive an error.
Warning:
- This action is irreversible. If you disable DNSSEC on the domain, you will lose the associated keys. You can only retrieve the keys by restoring them from a full back up of the account.
- If you disable DNSSEC, you must remove the Delegation of Signing (DS) records on your DNS server and with your registrar.
Security
BasicAuth
Query Examples:
The domain for which to disable DNSSEC.
Note:
To disable DNSSEC for multiple domains, duplicate or increment the parameter name. For example, to check three domains, you could:
- Use the
domainparameter multiple times. - Use the
domain,domain-1,domain-2parameters.
domain=domain=example.com&domain-1=example1.com&domain-2=example2.com
domain=domain=example.com&domain=example1.com&domain=example2.com
domain=example.com
- Mock server
https://api.docs.cpanel.net/_mock/specifications/whm.openapi/disable_dnssec_for_domains
- A server running WHM.
https://whm-server.tld:2087/json-api/disable_dnssec_for_domains
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X GET \
-u <username>:<password> \
'https://api.docs.cpanel.net/_mock/specifications/whm.openapi/disable_dnssec_for_domains?domain=string'Response
application/json
{ "data": { "domains": [ … ] }, "metadata": { "command": "disable_dnssec_for_domains", "reason": "OK", "result": 1, "version": 1 } }
Request
This function enables DNSSEC on the domain.
Note:
- Only servers that run PowerDNS can use DNSSEC. If you call this function on a server that doesn't use PowerDNS, you will receive an error.
- After you enable DNSSEC on the domain, you must add the Delegation of Signing (DS) records on your DNS server and with your registrar.
- You cannot modify the DNSSEC security key. To make any changes, you must disable, delete, and re-create the DNSSEC security key.
Security
BasicAuth
Query Examples:
The domain for which to enable DNSSEC.
Note:
To enable DNSSEC on multiple domains, duplicate or increment the parameter name. For example, to check three domains, you could:
- Use the
domainparameter multiple times. - Use the
domain,domain-1, anddomain-2parameters.
domain=domain=example.com&domain-1=example1.com&domain-2=example2.com
domain=domain=example.com&domain=example1.com&domain=example2.com
domain=example.com
Whether to activate the newly-created key.
1- Activate the key.0- Do not activate the key.
Default 1
Enum01
Example: active=1
The algorithm that the system uses to generate the security key.
5- RSA/SHA-16- DSA-NSEC3-SHA17- RSASHA1-NSEC3-SHA18- RSA/SHA-25610- RSA/SHA-51213- ECDSA Curve P-256 with SHA-25614- ECDSA Curve P-384 with SHA-384
Note:
We recommend that you use an ECDSA Curve P-256 with SHA-256 (13) value if your registrar supports it.
Default 8
Enum5678101314
Example: algo_num=8
The manner in which the system creates the security key.
classic- Use separate keys for KSK and ZSK. Use this value when thealgo_numparameter is equal to or less than 8.simple- Use a single key for both KSK and ZSK. Use this value when thealgo_numparameter is greater than 8.
Default "classic"
Enum"classic""simple"
Example: key_setup=classic
The number of times that the system rehashes the first resource record hash operation.
Default 7
Example: nsec3_iterations=7
Whether NSEC3 operates in Narrow or Inclusive mode.
Note:
For information about these modes, read PowerDNS's DNSSEC documentation.
1- Narrow mode.0- Inclusive mode.
Default 1
Enum01
Example: nsec3_narrow=1
Whether the system will create records for all delegations.
1- Create records for all delegations.0- Create records only for secure delegations.
Note:
Only use the 1 value if you must create records for all delegations.
Default 0
Enum01
Example: nsec3_opt_out=1
A hexadecimal string that the system appends to the domain name before it applies the hash function to the name.
Note:
For information about salt values, read RFC 5155.
Example: nsec3_salt=1a2b3c4d5e6f
Whether the domain will use Next Secure Record (NSEC) or NSEC3 semantics.
1- Use NSEC3 semantics.0- Use NSEC semantics.
Note:
If you use this value, the system ignores the other NSEC3 options.
Default 1
Enum01
Example: use_nsec3=1
- Mock server
https://api.docs.cpanel.net/_mock/specifications/whm.openapi/enable_dnssec_for_domains
- A server running WHM.
https://whm-server.tld:2087/json-api/enable_dnssec_for_domains
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X GET \
-u <username>:<password> \
'https://api.docs.cpanel.net/_mock/specifications/whm.openapi/enable_dnssec_for_domains?domain=example.com&active=1&algo_num=8&key_setup=classic&nsec3_iterations=7&nsec3_narrow=1&nsec3_opt_out=1&nsec3_salt=1a2b3c4d5e6f&use_nsec3=1'Response
application/json
{ "data": { "domains": [ … ] }, "metadata": { "command": "enable_dnssec_for_domains", "reason": "OK", "result": 1, "version": 1 } }
- Mock server
https://api.docs.cpanel.net/_mock/specifications/whm.openapi/export_zone_key
- A server running WHM.
https://whm-server.tld:2087/json-api/export_zone_key
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
- Payload
curl -i -X GET \
-u <username>:<password> \
'https://api.docs.cpanel.net/_mock/specifications/whm.openapi/export_zone_key?domain=example.com&key_id=1'Response
application/json
{ "data": { "key_tag": 40481, "key_type": "CSK" }, "metadata": { "command": "export_zone_key", "reason": "OK", "result": 1, "version": 1 } }