SSL Certificate (Purchase)

/ssl-certificate

GET

Returns a list of all certificates.

Request parameters

All values are optional.

plan uuid  
client_reference string Filter on the client_reference (optional) used when creating the certificate.

JSON response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate" | python -m json.tool

POST

Create a new certificate.

This is an asynchronous call. This means that certificate will get created with the status ‘pending’ until it’s fully provisioned, after which the status becomes ‘active’.

JSON request

csr string The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.
dcv_type string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL
  • FILE
  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce string Required for OV* and EV*. Chamber of commerce number of your company.
company_name string Optional. If it isn’t supplied explicitly, the company name will be taken from the CSR.
department string Required for OV* and EV*.
address string Street address
city string  
approver_first_name string Required for OV* and EV*.
approver_last_name string Required for OV* and EV*.
approver_email_address string Required for ‘EMAIL’ Domain Control Validation (DCV)
approver_phone_number string  
zip_code string  
plan string A UUID identifier of the plan to be purchased.
client_reference string An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.
ee_reference_order_id string Optional. An Encryption Everywhere order number used to upgrade the certificate.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

        "dcv_type": "EMAIL",

        "chamber_of_commerce": "12345678",
        "company_name": "Johns inc.",
        "department": "Development",
        "address": "Example street 13",
        "zip_code": "12345",
        "city": "Smallville",

        "approver_first_name": "John",
        "approver_last_name": "Doe",
        "approver_email_address": "john.doe@example.com",
        "approver_phone_number": "+31.612345678",

        "client_reference": "#123",
        "plan": "3f7830c3-3fa4-404d-908f-35daaa1cd17b"
    }
' \
"{{api_base_url}}/ssl-certificate" | python -m json.tool

/ssl-certificate/{id}

GET

Get detailed information about a certificate.

Request parameters

N/A

JSON response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{id}" | python -m json.tool

/ssl-certificate/{id}/renew

Renew the certificate.

This is an asynchronous call. This means that certificate will get updated with the status ‘pending’ until the renew is completed, after which the status becomes ‘active’ again.

Request parameters

csr string The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.
dcv_type string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL
  • FILE
  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce string Required for OV* and EV*. Chamber of commerce number of your company.
company_name string  
department string Required for OV* and EV*.
address string Street address
city string  
approver_first_name string Required for OV* and EV*.
approver_last_name string Required for OV* and EV*.
approver_email_address string Required for ‘EMAIL’ Domain Control Validation (DCV)
approver_phone_number string  
zip_code string  
plan string A UUID identifier of the plan to be purchased.
client_reference string An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.

OV* = organization validation EV* = extended validation

JSON response

Note: the response returns current state of the object. This changes after the asynchronous request is completed.

object: SSL Certificate

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

    "dcv_type": "EMAIL",

    "chamber_of_commerce": "12345678",
    "company_name": "Johns inc.",
    "department": "Development",
    "address": "Example street 13",
    "zip_code": "12345",
    "city": "Smallville",

    "approver_first_name": "John",
    "approver_last_name": "Doe",
    "approver_email_address": "john.doe@example.com",
    "approver_phone_number": "+31.612345678",

    "client_reference": "#123",
    "plan": "3f7830c3-3fa4-404d-908f-35daaa1cd17b"
}
' \
"{{api_base_url}}/ssl-certificate/{id}/renew" | python -m json.tool

DELETE

Delete the certificate which disables it directly.

You will get refunded if the certificate is still within the grace period as defined in the certificate’s plan.

Request parameters

N/A

JSON response

Possible errors

Sample

curl \
--request DELETE \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{id}" | python -m json.tool

/ssl-certificate/{id}/validate

Retry the Domain Control Validation (DCV).

Request parameters

dcv_type string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL
  • FILE
  • DNS

Please read the section on how to prepare a domain for the validation

email_address string Applicable for the dcv_type ‘EMAIL’. Email address to send the validation email to.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "dcv_type": "EMAIL",
        "email_address": "john.doe@example.com",
        "domain": "example.com"
    }
' \
"{{api_base_url}}/ssl-certificate/{id}/validate" | python -m json.tool

/ssl-certificate/{id}/reissue

Reissue the certificate.

The certificate will be activated right away, making the current one invalid.

Request parameters

csr string The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.
dcv_type string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL
  • FILE
  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce string Required for OV* and EV*. Chamber of commerce number of your company.
company_name string  
department string Required for OV* and EV*.
address string Street address
city string  
approver_first_name string Required for OV* and EV*.
approver_last_name string Required for OV* and EV*.
approver_email_address string Required for ‘EMAIL’ Domain Control Validation (DCV)
approver_phone_number string  
zip_code string  
client_reference string An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

        "dcv_type": "EMAIL",

        "chamber_of_commerce": "12345678",
        "company_name": "Johns inc.",
        "department": "Development",
        "address": "Example street 13",
        "zip_code": "12345",
        "city": "Smallville",

        "approver_first_name": "John",
        "approver_last_name": "Doe",
        "approver_email_address": "john.doe@example.com",
        "approver_phone_number": "+31.612345678",

        "client_reference": "#123"
    }
' \
"{{api_base_url}}/ssl-certificate/{id}/reissue" | python -m json.tool

/ssl-certificate/{id}/download-{zip|pkcs7|crt|csr|ca}

Download the existing certificate in one of supported formats (zip, pkcs7, crt, csr or ca).

Response

A file-attachment (Content-Type: application/octet-stream) with the SSL-certificate. A format of the file corresponds the selected extension (zip, pkcs7, crt, csr or ca).

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{{id}}/download-{{zip|pkcs7|crt|csr|ca}}"

/ssl-certificate/{id}/validation-details

Get the request validation details for a certain certificate which indicate the validation progress/steps that are done or still need to be taken.

Response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{{id}}/validation-details"