API to control DNS?

Web hosting discussion, programming, and shared and dedicated servers.
5 posts Page 1 of 1
by lr » Sat Jun 16, 2018 9:33 pm
I have two domains for which Sonic is the DNS provider. I can edit the DNS by going into the web-based member tools, and change things. Is there a way to make the same change from an API?

Here's why. I'm using LetsEncrypt to get SSL certificates for my domain. The web server for the domains are actually not at Sonic, only the DNS is. The web server uses LetsEncrypt to get his SSL certificates. So far, this has worked well by using the web-server based challenges, with the "certbot" script which I have installed on my web server, and I'm getting host-specific certificates (for example one for www.example.com). So far, so good.

For truly bizarre reasons, I now need to get a wildcard certificate, for *.example.com. That can't be done with a web server challenge to a single host; it needs to be done by adding "text" DNS records to the domain. The good people who write the various certbot-like tools for LetsEncrypt have automated too ... if the DNS server provides an API for allowing text records to be updated by the LetsEncrypt scripts.

A few years ago, I remember learning that Sonic has some sort of API for DNS updates, but now I can't find it. Anyone know?
Linda and Ralph and John; 735 Sunset Ridge Road; Los Gatos, CA 95033; 408-395-1435
by dherr » Sun Jun 17, 2018 6:58 pm
by lr » Mon Jun 18, 2018 7:46 am
That looks right. Thanks so much. Now the fun starts: see whether and how this integrates with the LetsEncrypt tools. That will be my evening task.
Linda and Ralph and John; 735 Sunset Ridge Road; Los Gatos, CA 95033; 408-395-1435
by lr » Fri Jun 22, 2018 5:41 pm
So close, and yet so far ...

Yes, there is a wonderful API to update DNS information. I tested it, and it works like a charm. BUT: it is intended for dynamic DNS, and it can only be used to update A (and AAAA) records. I need to update TXT records for DNS challenges.

If someone from Sonic support is listening: Can you please wander over to the cubicle of whoever wrote this API, thank them for a job well done (it is really clear and logical, and I like the way the API key handles security). And then ask them whether it would fit into their schedule to add the capability to add TXT records? Considering in there that TXT records are pretty much arbitrary strings, and in the web-based user tools need to be quoted.

(Footnote: Small update to the documentation. In the "Requesting an API key" section, the "hostname" one has to supply is actually the domain name of the whole domain that the Sonic user owns, for example "example.com". In the "Updating host records" section, the hostname is the complete hostname, which would be "mail.example.com"
Linda and Ralph and John; 735 Sunset Ridge Road; Los Gatos, CA 95033; 408-395-1435
by lr » Fri Jun 29, 2018 8:56 pm
Hi. Could a Sonic staffer please think about supporting TXT records with an API? Or find some other way to interface to LetsEncrypt (and the certbot tool), so Sonic hosting / DNS customers can get HTTPS certificates using DNS-01 challenges?

I know Sonic has always been on the forefront of making the internet more secure for everyone, and generally "having our back". It would go along with that corporate culture to make it easier for Sonic's customers to also make their little corner of the Internet secure too, as easily as possible.
Linda and Ralph and John; 735 Sunset Ridge Road; Los Gatos, CA 95033; 408-395-1435
5 posts Page 1 of 1

Who is online

In total there are 3 users online :: 1 registered, 0 hidden and 2 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: Bing [Bot] and 2 guests