You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficcontrol.apache.org by "David Neuman (JIRA)" <ji...@apache.org> on 2017/04/07 14:53:41 UTC
[jira] [Updated] (TC-223) Creating a DS through the API results in
an invalid DNSSEC keypair
[ https://issues.apache.org/jira/browse/TC-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Neuman updated TC-223:
----------------------------
Description:
If you have DNSSEC enabled and you create a DS from the API, a DNSSEC keypair with name = "" gets created (example below). It looks like this happens because when you create a DS through the API you don't create the DS with a regex. When the create method calls create_dnssec_keys that method uses the regex to create the name field.
{quote}
"Test-DS-1491489049" : {
"zsk" : [
{
"effectiveDate" : 1491489041,
"public" : "...",
"private" : "...",
"expirationDate" : 1494081041,
"name" : "",
"status" : "new",
"inceptionDate" : 1491489041,
"ttl" : "60"
}
],
"ksk" : [
{
"status" : "new",
"ttl" : "60",
"inceptionDate" : 1491489041,
"public" : "...",
"effectiveDate" : 1491489041,
"name" : "",
"private" : "...",
"expirationDate" : 1523025041
}
]
},
{quote}
was:If you have DNSSEC enabled and you create a DS from the API, a DNSSEC keypair with name = "" gets created (example below). It looks like this happens because when you create a DS through the API you don't create the DS with a regex. When the create method calls create_dnssec_keys that method uses the regex to create the name field.
> Creating a DS through the API results in an invalid DNSSEC keypair
> ------------------------------------------------------------------
>
> Key: TC-223
> URL: https://issues.apache.org/jira/browse/TC-223
> Project: Traffic Control
> Issue Type: Bug
> Components: Traffic Ops
> Affects Versions: 2.0.0, 2.1.0
> Reporter: David Neuman
>
> If you have DNSSEC enabled and you create a DS from the API, a DNSSEC keypair with name = "" gets created (example below). It looks like this happens because when you create a DS through the API you don't create the DS with a regex. When the create method calls create_dnssec_keys that method uses the regex to create the name field.
> {quote}
> "Test-DS-1491489049" : {
> "zsk" : [
> {
> "effectiveDate" : 1491489041,
> "public" : "...",
> "private" : "...",
> "expirationDate" : 1494081041,
> "name" : "",
> "status" : "new",
> "inceptionDate" : 1491489041,
> "ttl" : "60"
> }
> ],
> "ksk" : [
> {
> "status" : "new",
> "ttl" : "60",
> "inceptionDate" : 1491489041,
> "public" : "...",
> "effectiveDate" : 1491489041,
> "name" : "",
> "private" : "...",
> "expirationDate" : 1523025041
> }
> ]
> },
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)