Resolved How to activate DNSSEC automatically via Plesk API (REST or XML)?

[Riculum]

Server operating system version

Debian

Plesk version and microupdate number

18.0.73 Update 3

Hey everyone

I'm trying to enable and sign DNSSEC automatically for a specific domain using either the Plesk REST API or the XML API, but I can’t find a clear example that actually works.

The REST CLI endpoint works fine for other commands (e.g. settings, server), but it seems like dnssec isn’t recognized — even though the DNSSEC extension is installed and works in the GUI.

I simply need to automate enabling DNSSEC and generating DS records for a given domain (so I can sync them to a registrar).
Is there an official way or supported endpoint to:

• Activate/sign DNSSEC for a domain
• Retrieve the DS records
• All via API (either REST or XML)?

Any example requests or hints would be really appreciated.

 

[Kaspar]

You can use execute the following CLI command of the DNSSEC extension via the /extension/call/ endpoint of the REST API

• To sign a domain with default settings:
  plesk ext dnssec sign --domain-name example.com
  
  
• To view DNSSEC information for a domain:
  plesk ext dnssec info --domain-name example.com
  
  
• To unsign a domain:
  plesk ext dnssec unsign --domain-name example.com

For example, to get the DNSSEC status of an domain you can make the following API call:

curl -X 'POST' \
'https://yourrserver.tld:8443/api/v2/cli/extension/call' \
-H 'accept: application/json' \
-H 'authorization: Basic ABCDEFGHIJKLMNOP==' \
-H 'Content-Type: application/json' \
-d '{
"params": [
   "--call",
   "dnssec",
   "info",
    "--domain-name",
    "example.com"
   ]
}'

 

[Riculum]

Thanks, that did the trick!
Calling /api/v2/cli/extension/call with dnssec info --domain-name example.com returned the DNSSEC status correctly. Appreciate the clear example!