API: OpenSRS

OpenSRS API Guide: Domains and SSL

Welcome to the OpenSRS API guide. Here you will find comprehensive documentation regarding our domain and SSL services. We hope this guide will help you start working with OpenSRS as quickly as possible. If you have any questions or concerns, please do not hesitate to contact help@opensrs.com

Get Started

DNSSEC stands for DNS Security Extensions, and it is designed to protect Internet resolvers (clients) from forged DNS in order to prevent DNS tampering. DNSSEC works by digitally signing the DNS records at the authoritative DNS server. By checking the digital signature, a DNS resolver knows whether the information it receives is identical (correct and complete) to the information on the authoritative DNS server. This attests to the validity of the address, and ensures that the site you visit is the one you intended to go to rather than a site where your personal information could be compromised. If the DNS cannot be authenticated, your browser won't display the site.

Your DNS provider supplies the DNSSEC values that you enter for your domains.
Note: OpenSRS does not do any DNSSEC validation; we simply pass the DNSSEC values on to the registry.

You cannot assign DNSSEC values to the domain at the time that you register it, but once the domain is registered, you can modify it and add the DNSSEC values. There is no charge for this service.

Transfers in

For domains being transferred in, DS records will be maintained and carried over to OpenSRS.

This section contains the following:

Request and response parameters for all DNSSEC commands

Example requests and responses can be found for the following commands:

Note

DNSSEC commands are only available to certain TLDs. Please check the TLD reference chart and look under the column "Reseller managed DNSSEC"

Please also see Configuring DNSSEC in the API for more detailed overview of DNSSEC.

Overview