SSL Certificate (Purchase)

/ssl-certificate

GET

Returns a list of all certificates.

Request parameters

All values are optional.

plan

uuid

client_reference

string

Filter on the client_reference (optional) used when creating the certificate.

JSON response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate" | python -m json.tool

POST

Create a new certificate.

This is an asynchronous call. This means that certificate will get created with the status ‘pending’ until it’s fully provisioned, after which the status becomes ‘active’.

JSON request

csr

string

The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.

dcv_type

string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL

  • FILE

  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce

string

Required for OV* and EV*. Chamber of commerce number of your company.

company_name

string

Optional. If it isn’t supplied explicitly, the company name will be taken from the CSR.

department

string

Required for OV* and EV*.

address

string

Street address

city

string

approver_first_name

string

Required for OV* and EV*.

approver_last_name

string

Required for OV* and EV*.

approver_email_address

string

Required for ‘EMAIL’ Domain Control Validation (DCV)

approver_phone_number

string

zip_code

string

plan

string

A UUID identifier of the plan to be purchased.

client_reference

string

An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.

ee_reference_order_id

string

Optional. An Encryption Everywhere order number used to upgrade the certificate.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

        "dcv_type": "EMAIL",

        "chamber_of_commerce": "12345678",
        "company_name": "Johns inc.",
        "department": "Development",
        "address": "Example street 13",
        "zip_code": "12345",
        "city": "Smallville",

        "approver_first_name": "John",
        "approver_last_name": "Doe",
        "approver_email_address": "john.doe@example.com",
        "approver_phone_number": "+31.612345678",

        "client_reference": "#123",
        "plan": "3f7830c3-3fa4-404d-908f-35daaa1cd17b"
    }
' \
"{{api_base_url}}/ssl-certificate" | python -m json.tool

/ssl-certificate/{id}

GET

Get detailed information about a certificate.

Request parameters

N/A

JSON response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{id}" | python -m json.tool

/ssl-certificate/{id}/renew

Renew the certificate.

This is an asynchronous call. This means that certificate will get updated with the status ‘pending’ until the renew is completed, after which the status becomes ‘active’ again.

Request parameters

csr

string

The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.

dcv_type

string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL

  • FILE

  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce

string

Required for OV* and EV*. Chamber of commerce number of your company.

company_name

string

department

string

Required for OV* and EV*.

address

string

Street address

city

string

approver_first_name

string

Required for OV* and EV*.

approver_last_name

string

Required for OV* and EV*.

approver_email_address

string

Required for ‘EMAIL’ Domain Control Validation (DCV)

approver_phone_number

string

zip_code

string

plan

string

A UUID identifier of the plan to be purchased.

client_reference

string

An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.

OV* = organization validation EV* = extended validation

JSON response

Note: the response returns current state of the object. This changes after the asynchronous request is completed.

object: SSL Certificate

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

    "dcv_type": "EMAIL",

    "chamber_of_commerce": "12345678",
    "company_name": "Johns inc.",
    "department": "Development",
    "address": "Example street 13",
    "zip_code": "12345",
    "city": "Smallville",

    "approver_first_name": "John",
    "approver_last_name": "Doe",
    "approver_email_address": "john.doe@example.com",
    "approver_phone_number": "+31.612345678",

    "client_reference": "#123",
    "plan": "3f7830c3-3fa4-404d-908f-35daaa1cd17b"
}
' \
"{{api_base_url}}/ssl-certificate/{id}/renew" | python -m json.tool

DELETE

Delete the certificate which disables it directly.

You will get refunded if the certificate is still within the grace period as defined in the certificate’s plan.

Request parameters

N/A

JSON response

Possible errors

Sample

curl \
--request DELETE \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{id}" | python -m json.tool

/ssl-certificate/{id}/validate

Retry the Domain Control Validation (DCV).

Request parameters

dcv_type

string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL

  • FILE

  • DNS

Please read the section on how to prepare a domain for the validation

email_address

string

Applicable for the dcv_type ‘EMAIL’. Email address to send the validation email to.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "dcv_type": "EMAIL",
        "email_address": "john.doe@example.com",
        "domain": "example.com"
    }
' \
"{{api_base_url}}/ssl-certificate/{id}/validate" | python -m json.tool

/ssl-certificate/{id}/reissue

Reissue the certificate.

The certificate will be activated right away, making the current one invalid.

Request parameters

csr

string

The full Certificate Signing Request (CSR) file contents (including header and footer line) of the domain you’re creating the certificate for. Can be supplied with JSON new lines sign \n (see the request examples below). The CSR should be generated using a key of at least 2048 bits in length.

dcv_type

string

Domain Control Validation (DCV) method to prove domain ownership. There are 3 possible options:

  • EMAIL

  • FILE

  • DNS

Please read the section on how to prepare a domain for the validation

chamber_of_commerce

string

Required for OV* and EV*. Chamber of commerce number of your company.

company_name

string

department

string

Required for OV* and EV*.

address

string

Street address

city

string

approver_first_name

string

Required for OV* and EV*.

approver_last_name

string

Required for OV* and EV*.

approver_email_address

string

Required for ‘EMAIL’ Domain Control Validation (DCV)

approver_phone_number

string

zip_code

string

client_reference

string

An optional value to be filled by the client. This is usable to identify the created object by an client-side defined value. A use case is the ability to recover from an network-error during creation e.g. no response returned after creation of the customer.

OV* = organization validation EV* = extended validation

JSON response

Possible errors

Sample

curl \
--request POST \
--user "{{api_username}}:{{api_key}}" \
--data '
    {
        "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICwTCCAakCAQAwfDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9AZXhhbXBsZS5jb20wggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeHuQf/NN9tQqnFv1h0bvwTY0kWhp\nesx3JUwOnah/FwkZpv+VDJpMG1nzxTRX87GNqn5jPHTzCSiRtGuZpSURj4QYXkh0\npQHsyjZxLE3o+XY9CCxKZ6IkdhCBvvBiPTi9OCY3jyk+3kcqqbX1ETrKGgT4G8T5\nvyPh61YJBpFrrV1Faw2+8DnriOeYbIgoP6Kmq6nRp41GoXOoaP01eAtLqp1uYWuy\npc97N68xZqKR2aXfHJxlof+KMDbnHOuWbFX0GxvziqdXByc//c9J4AN4zDJlGy8C\nA5n9ocbPAP0udZ45tFCI78zfQ5GPe7QaAb7zVzG37hAfNFLpocJMi4CFAgMBAAGg\nADANBgkqhkiG9w0BAQsFAAOCAQEAT/xJ1HCSqj97qK6UE7wC9KzlwL0W43IdxkeZ\nT9In33FwPpvO2G1d57AenO6F/Z+RTdUk0nfpIxGKu1AgiNziK82ko83l8MSRysD6\nxv/jdzIDzBrn8hYpGHNm73FXSmgh4KSJrOb2YTXwHkesgOZb1wMa6okGLjXCdOmc\n7LEtfxsEMwaQukXzgoO9QmqF3QuOMS/2uNK7ZlYICQdiiCRm5KHNDUKT/mtYs1en\nW7TsK+4NUkbiCxC1iFzPrgXaCMXepXXUTzWfbbiLNLmdxra/HhVlhnh2pJXQLhx8\nbt80ifX2OEUlaDgYj2Hg6hhMJ0E8Tyl0MnJI7qwCSczOBzlAlw==\n-----END CERTIFICATE REQUEST-----",

        "dcv_type": "EMAIL",

        "chamber_of_commerce": "12345678",
        "company_name": "Johns inc.",
        "department": "Development",
        "address": "Example street 13",
        "zip_code": "12345",
        "city": "Smallville",

        "approver_first_name": "John",
        "approver_last_name": "Doe",
        "approver_email_address": "john.doe@example.com",
        "approver_phone_number": "+31.612345678",

        "client_reference": "#123"
    }
' \
"{{api_base_url}}/ssl-certificate/{id}/reissue" | python -m json.tool

/ssl-certificate/{id}/download-{zip|pkcs7|crt|csr|ca}

Download the existing certificate in one of supported formats (zip, pkcs7, crt, csr or ca).

Response

A file-attachment (Content-Type: application/octet-stream) with the SSL-certificate. A format of the file corresponds the selected extension (zip, pkcs7, crt, csr or ca).

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{{id}}/download-{{zip|pkcs7|crt|csr|ca}}"

/ssl-certificate/{id}/validation-details

Get the request validation details for a certain certificate which indicate the validation progress/steps that are done or still need to be taken.

Response

Possible errors

Sample

curl \
--request GET \
--user "{{api_username}}:{{api_key}}" \
"{{api_base_url}}/ssl-certificate/{{id}}/validation-details"