Developer Hub

Welcome to CertCenter's Developer Hub. You'll find comprehensive guides and documentation to help you start working with CertCenter as quickly as possible, as well as support if you get stuck.

Let's jump right in!

Get Started Full API Reference

/Profile

Retrieve information about your profile

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Profile
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Profile()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Profile() );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get my profile information
	//
	res, _ := certcenter.Profile()
	fmt.Println(res)
}
curl "https://api.certcenter.com/rest/v1/Profile" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "AuthType": "OAUTH2",
  "AuthorizationID": 123,
  "Country": "DE",
  "Currency": "EUR",
  "CustomerID": 123456,
  "Locale": "de_DE",
  "OAuth2_Token": "#token#",
  "Scope": "UI",
  "Timezone": "Europe/Berlin"
}
 

Retrieve information regarding the current profile.

Response Attributes

  • Currency - Current currency
  • AuthType - Type of the applied authentication (currently only "OAUTH2" possible)
  • OAuth2_Token - OAuth2 Bearer Token used for the Authentication
  • Country - Country set in your user profile (ISO code, e.g. DE, US, GB, ..)
  • Timezone - Time zone related to your user profile (e.g. "Europe/Berlin")
  • Locale - Local settings (e.g. "de_DE")
  • Scope - API = Pure API-User, UI = Token authorized via CertCenter Extranet
  • AuthorizationID - OAuth2 Bearer Token authorized with specified user with ID
  • CustomerID - User’s Customer ID

/Limit

Retrieve information about your individual limits

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Limit
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Limit()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Limit() );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Inquire limit informations
	res, _ := certcenter.Limit()
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/Limit" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "LimitInfo": {
    "Limit": 10000,
    "Used": 4508.35
  },
  "success": true
}
 

Retrieve current information about the individual limit.
Here you can find more general information about your limits.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • LimitInfo.Limit - Credit limit
  • LimitInfo.Used - Currently used

CURRENCIES

Amounts are always in the currency of your account.

/Quote

Create a quotation

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Quote
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Quote(req={
	"ProductCode": "GlobalSign.ExtendedSSL",
	"SubjectAltNameCount": 2,
	"ValidityPeriod": 12,
	"ServerCount": 1
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"ProductCode"=>"GlobalSign.ExtendedSSL",
	"SubjectAltNameCount"=>2,
	"ValidityPeriod"=>12,
	"ServerCount"=>1
);
print_r( $api->Quote($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get a Quote
  //
	res, _ := certcenter.Quote(&certcenter.QuoteRequest{
		ProductCode: "Comodo.InstantSSL",
		SubjectAltNameCount: 0,
		ValidityPeriod: 24,
		ServerCount: 1,
	})
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/Quote?ProductCode=GlobalSign.ExtendedSSL&ValidityPeriod=12&ServerCount=1&SubjectAltNameCount=2" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Currency": "EUR",
  "OrderParameters": {
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ServerCount": 0,
    "SubjectAltNameCount": 2,
    "ValidityPeriod": 12
  },
  "Price": 123.45,
  "success": true
}

Query Params

ProductCode
string
required

Valid ProductCode

ValidityPeriod
int32
required

Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).

ServerCount
int32
required

Number of server licenses

SubjectAltNameCount
int32
required

Number of (NON-wildcard) SAN hosts

 

This method may be used to determine an exact price before purchase.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Currency - Current currency
  • Price - Total amount for the required product
  • OrderParameters.ProductCode - Requested Product Code
  • OrderParameters.ServerCount - Requested amount of licenses
  • OrderParameters.SubjectAltNameCount - Requested amount of additional SANs
  • OrderParameters.ValidityPeriod - Requested validity period in months

CURRENCIES

Amounts are always in the currency of your account.

/Products

Retrieve valid ProductCodes

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Products
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Products()
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Products() );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get all valid ProductCodes
	res, _ := certcenter.Products()
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/Products" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Products": [
    "Symantec.SecureSite",
    "Symantec.SecureSitePro",
    "Symantec.SecureSiteEV",
    "Symantec.SecureSiteProEV",
    "Symantec.SecureSiteWildcard",
    {..}
  ],
  "success": true
}
 

This method let you retrieve all valid product codes and corresponding options and properties.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Products - Array of valid ProductCodes (eg. Symantec.SecureSiteEV)

/ProductDetails

Retrieve details on a proper product

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ProductDetails
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ProductDetails(req={"ProductCode":"GlobalSign.ExtendedSSL"})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->ProductDetails(Array("ProductCode"=>"GlobalSign.ExtendedSSL")) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Inquire details about a product
  //
	res, _ := certcenter.ProductDetails("Comodo.InstantSSL")
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/ProductDetails?ProductCode=GlobalSign.ExtendedSSL" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "ProductDetails": {
    "CA": "GlobalSign",
    "Currency": "EUR",
    "Features": [
      "EV",
      "SAN",
      "ECC"
    ],
    "Licenses": 0,
    "MaxValidityPeriod": 24,
    "Price": 123.45,
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ProductName": "GlobalSign ExtendedSSL",
    "ProductType": "SSL",
    "RefundPeriod": 30,
    "RenewPeriod": 90,
    "SANFeatures": [
      "externalDomains",
      "HostOnlyIncluded"
    ],
    "SANHostPrice": 123.00,
    "SANMaxHosts": 100,
    "SANPackagePrice": 0.00,
    "SANPackageSize": 0.00,
    "SANWildcardPrice": 0.00,
  },
  "success": true
}

Query Params

ProductCode
string

Valid ProductCode's are available through /Products

 

This method let you retrieve details about the specified ProductCode, like

  • Product Features
  • Maximum period of validity
  • Base price
  • Included server licenses
  • Product Description
  • Certification Authority (CA)

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ProductDetails.Features - Multiple values are possible. Possible values:
Value
Description

DV

Support for Domain Validation

OV

Support for Organization Validation

EV

Support for Extended Validation

SAN

Support for Subject Alternative Names

WC

Wildcard option (*.example.com)

ECC

Elliptic Curve Cryptography

DSA

Digital Signature Algorithm

DMS

Daily Malware Scan

TS

Trust Seal

WVS

Vulnerability Assessment

RI

Ready Issuance (Pre-Validation)

  • ProductDetails.MaxValidityPeriod - Period of validity in months (at least 12)
  • ProductDetails.RenewPeriod - Remaining time before the expiration of old certificates may be applied to the period of validity of a new certificate
  • ProductDetails.RefundPeriod - Days allotted after the issuance of the certificate where revocation of the certificate can be made free of charge.
  • ProductDetails.Price - Price for the certificate
  • ProductDetails.Currency - Currency
  • ProductDetails.Licenses Number of included licenses (0 = unlimited)
  • ProductDetails.DVAuthMethods - Multiple values are possible. Possible values:
Value
Description

FILE

File-based validation is available

DNS

DNS based validation is available

META

META-Tag validation is available (only GlobalSign products)

EMAIL

EMAIL based validation is available

  • ProductDetails.ProductType - Possible Values:
Value
Description

SSL

SSL/TLS Certificates

CODESIGN

Code Signing Certificates

SMIME

S/MIME Certificates / Digital IDs

TRUSTSEAL

Dynamic Trust Seals without SSL/TLS Certificate

Additional Response Attributes (if the certificate allows SANs):

  • ProductDetails.SANFeatures - Multiple values possible. Possible values:
Value
Description

externalDomains

Additional hostnames possible where the domain can be different to those in the CommonName

equalDomains

Additional hostnames possible, equal to the CommonName

HostOnlyIncluded

APEX-Domain (e.g. "example.com") included in the order if the common name is "www.example.com."

dailyMalwareScan

Daily malware scan, also included for SAN-Hosts

wildcard

Wildcard DNSNames allowed

  • ProductDetails.SANPackagePrice - Package price for the initial minimum of SAN-Hosts (currently only for GeoTrust True BusinessID Certificates)
  • ProductDetails.SANPackageSize - SAN package size (included hosts)
  • ProductDetails.SANMaxHosts - Max number of SANs
  • ProductDetails.SANHostPrice - Price for one additional SAN (For GeoTrust True BusinessID Certificates every SAN after the SAN Package)
  • ProductDetails.SANWildcardPrice - Price for one additional Wildcard SAN (For GeoTrust True BusinessID Certificates every SAN after the SAN Package)

CURRENCIES

Amounts are always in the currency of your account.

/Order

Submitting an Order

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Order
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "OrganizationInfo": {
  "OrganizationName": "Super Mall, Inc.",
  "OrganizationAddress": {
   "AddressLine1": "5550 E Woodmen Rd",
   "PostalCode": "80920",
   "City": "Colorado Springs",
   "Region": "CO",
   "Country": "US",
   "Phone": "+1 719-111-111",
   "Fax": "+1 719-111-112"
  }
 },
 "OrderParameters": {
  "ProductCode": "Comodo.ComodoMDC",
  "IsCompetitiveUpgrade": False,
  "DVAuthMethod": "EMAIL",
  "SubjectAltNames": [
   "www.super-mall-inc.net",
   "www.super-mall-inc.de"
  ],
  "PartnerOrderID": "WhatEverYouWant-ItsYourOrderIdentifier",
  "IsRenewal": False,
  "ServerCount": 1,
  "SignatureHashAlgorithm": "SHA256-ECC-HYBRID",
  "CSR": "#CSR#",
  "ValidityPeriod": 12,
  "DomainApprovers": [{
        "Domain": "super-mall-inc.net",
        "Approvers": [
          "admin@super-mall-inc.net",
          "jon.doe@super-mall-inc.net"
        ]
      }, {
        "Domain": "super-mall-inc.de",
        "Approvers": [
          "hans.mueller@super-mall-inc.de"
        ]
      }
  ]
 },
 "AdminContact": {
  "Title": "CIO",
  "FirstName": "John",
  "LastName": "Doe",
  "OrganizationName": "Super Mall, Inc.",
  "OrganizationAddress": {
    "AddressLine1": "5550 E Woodmen Rd",
    "PostalCode": "80920",
    "City": "Colorado Springs",
    "Region": "CO",
    "Country": "US"
  },
  "Phone": "+1 719-111-111",
  "Fax": "+1 719-111-112",
  "Email": "admin@super-mall.com"
 },
}
request['TechContact'] = request['AdminContact']
res = api.Order(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "OrganizationInfo"=>Array(
 "OrganizationName"=>"Super Mall, Inc.",
 "OrganizationAddress"=>Array(
		"AddressLine1"=>"5550 E Woodmen Rd",
		"PostalCode"=>"80920",
		"City"=>"Colorado Springs",
		"Region"=>"CO",
		"Country"=>"US",
		"Phone"=>"string",
		"Fax"=>"string",
		"Phone"=>"+1 719-111-111",
		"Fax"=>"+1 719-111-112"
	)
  ),
  "OrderParameters"=>Array(
    "ProductCode"=>"GlobalSign.OrganizationSSL",
    "IsCompetitiveUpgrade"=>false,
    "SubjectAltNames"=>Array(
      "www.super-mall-inc.net",
      "www.super-mall-inc.de"
    ),
    "PartnerOrderID"=>"WhatEverYouWant-ItsYourOrderIdentifier",
    "IsRenewal"=>false,
    "ServerCount"=>1,
    "SignatureHashAlgorithm"=>"SHA256-ECC-HYBRID",
    "CSR"=>"-----BEGIN CERTIFICATE REQUEST-----
MIIBVTCB/QIBADCBmjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMRkwFwYDVQQH
ExBDb2xvcmFkbyBTcHJpbmdzMRkwFwYDVQQKExBTdXBlciBNYWxsLCBJbmMuMR8w
HQYDVQQDExZ3d3cuc3VwZXItbWFsbC1pbmMuY29tMScwJQYJKoZIhvcNAQkBFhhh
ZG1pbkBzdXBlci1tYWxsLWluYy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
AAT4E1K5QOPD55LbB7x8ydEJhVa69SpScj5at6R1f8HdBckhuXvxJX+XvaLQvA0d
M6aZFEfcPlzoLgmTbtcnUEWloAAwCQYHKoZIzj0EAQNIADBFAiAB0XTEhsle2SNb
A2462JcRYBSAWf4gSRUHpCxCRHm6OQIhAK6rn6B40kh4EdAvuL9BaCQjeU0HHIG9
lj1JDQDKSbBZ
-----END CERTIFICATE REQUEST-----
",
    "Email"=>"domains@super-mall.com",
    "ValidityPeriod"=>12
  ),
  "AdminContact"=>Array(
    "Title"=>"CIO",
    "FirstName"=>"John",
    "LastName"=>"Doe",
    "OrganizationName"=>"Super Mall, Inc.",
    "OrganizationAddress"=>Array(
      "AddressLine1"=>"5550 E Woodmen Rd",
      "PostalCode"=>"80920",
      "City"=>"Colorado Springs",
      "Region"=>"CO",
      "Country"=>"US"
    ),
    "Phone"=>"+1 719-111-111",
    "Fax"=>"+1 719-111-112",
    "Email"=>"admin@super-mall.com"
  ),
);
$request['TechContact'] = $request['AdminContact'];
print_r( $api->Order($request) );
?>
package main

import (
	"fmt"
	"io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {

	// Order a certificate
	csr, _ := ioutil.ReadFile("csr")
	res, _ := certcenter.Order(&certcenter.OrderRequest{
			OrderParameters: &certcenter.OrderParameters{
				ProductCode: "Comodo.InstantSSL",
				CSR: string(csr),
				ValidityPeriod: 24,
				ServerCount: 1,
				DomainApprovers: &certcenter.DomainApprovers{
					DomainApprover: []certcenter.DomainApproverItem{certcenter.DomainApproverItem{
						Domain: "certcenter.com",
						Approvers: []certcenter.Approver{certcenter.Approver{
							ApproverEmail: "domains@certcenter.com",
						}},
					}},
				},
			},
			OrganizationInfo: &certcenter.OrganizationInfo{
				OrganizationName: "CertCenter AG",
				OrganizationAddress: &certcenter.OrganizationAddress{
					AddressLine1: "Bleichstraße 8a",
					PostalCode: "35390",
					City: "Gießen",
					Region: "Hessen",
					Country: "DE",
					Phone: "+49 641 80899520",
					Fax: "+49 641 80899521",
				},
			},
			AdminContact: &certcenter.Contact{
				FirstName: "John",
				LastName: "Doe",
				Title: "CTO",
				Phone: "+49 641 80899520",
				Fax: "+49 641 80899521",
				Email: "john.doe@example.com",
				OrganizationName: "CertCenter AG",
				OrganizationAddress: &certcenter.OrganizationAddress{
					AddressLine1: "Bleichstraße 8a",
					PostalCode: "35390",
					City: "Gießen",
					Region: "Hessen",
					Country: "DE",
					Phone: "+49 641 80899520",
					Fax: "+49 641 80899521",
				},
			},
			TechContact: &certcenter.Contact{
				FirstName: "John",
				LastName: "Doe",
				Title: "CTO",
				Phone: "+49 641 80899520",
				Fax: "+49 641 80899521",
				Email: "john.doe@example.com",
				OrganizationName: "CertCenter AG",
				OrganizationAddress: &certcenter.OrganizationAddress{
					AddressLine1: "Bleichstraße 8a",
					PostalCode: "35390",
					City: "Gießen",
					Region: "Hessen",
					Country: "DE",
					Phone: "+49 641 80899520",
					Fax: "+49 641 80899521",
				},
			},
		},
	)
	fmt.Println(res)
	return
}
curl -X POST 'https://api.certcenter.com/rest/v1/Order' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "OrderParameters": {
    "PartnerOrderID": "UniqueId",
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ValidityPeriod": 12,
    "CSR": "#CSR#",
    "ServerCount": 1,
    "SubjectAltNames": [
      "www.example-bank.net",
      "www.example-bank.com"
    ],
    "IsCompetitiveUpgrade": false,
    "IsRenewal": false
  },
  "OrganizationInfo": {
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE",
      "Fax": "+49 69 1234567891",
      "Phone": "+49 69 1234567890"
    }
  },
  "AdminContact": {
    "Title": "CIO",
    "FirstName": "Max",
    "LastName": "Mustermann",
    "Phone": "+49 69 1234567890",
    "Fax": "+49 69 1234567891",
    "Email": "it@example-bank.de",
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE"
    }
  },
  "TechContact": {
    "Title": "CIO",
    "FirstName": "Max",
    "LastName": "Mustermann",
    "Phone": "+49 69 1234567890",
    "Fax": "+49 69 1234567891",
    "Email": "it@muster-bank.de",
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE"
    }
  }
}'
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Order(req={
	'OrderParameters': {
		"ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
		"CSR": "#CSR#",
		"ValidityPeriod": 180,
		"DVAuthMethod": "DNS"
	}
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Order(Array(
	'OrderParameters' => Array(
		"ProductCode" => "AlwaysOnSSL.AlwaysOnSSL",
		"CSR" => $CSR,
		"ValidityPeriod" => 180,
		"DVAuthMethod" => "DNS"
	)
)) );
?>
curl -X POST 'https://api.certcenter.com/rest/v1/Order' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "OrderParameters": {
    "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
    "CSR": "#CSR#",
    "ValidityPeriod": 180
  }
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "Timestamp": "2015-12-31T23:59:59Z",
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "IsCompetitiveUpgrade": false,
    "IsRenewal": false,
    "PartnerOrderID": "UniqueId",
    "ProductCode": "Comodo.ComodoMDC",
    "ServerCount": 0,
    "SignatureHashAlgorithm": "SHA256-ECC-HYBRID",
    "SubjectAltNameCount": 2,
    "SubjectAltNames": [
      "www.example-bank.net",
      "www.example-bank.com"
    ],
    "ValidityPeriod": 12
  }
}
{
  "success": true
  "Timestamp": "2016-02-23T12:45:31Z",
  "CertCenterOrderID": 1234567890,
  "Fulfillment": {
    "Certificate": "-----BEGIN CERTIFICATE-----
{..}
-----END CERTIFICATE-----",
    "Certificate_PKCS7": "-----BEGIN PKCS #7 SIGNED DATA-----
{..}
-----END PKCS #7 SIGNED DATA-----",
    "Intermediate": "-----BEGIN CERTIFICATE-----
{..}
-----END CERTIFICATE-----"
  },
  "OrderParameters": {
    "CSR": "-----BEGIN CERTIFICATE REQUEST-----
{...}
-----END CERTIFICATE REQUEST-----",
    "DVAuthMethod": "DNS",
    "PartnerOrderID": "APIR-XYZ123-EXAMPLE",
    "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN",
    "ValidityPeriod": 180
  }
}

Body Params

OrderParameters
object
required
 
OrderParameters.ProductCode
string
required

Valid Product Code (e.g. GeoTrust.TrueBusinessID)

OrderParameters.PartnerOrderID
string

You may specify a value for your own reference

OrderParameters.ValidityPeriod
integer
required

Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).

OrderParameters.CSR
string
required

PEM encoded Certificate Signing Request (PKCS#10)

OrderParameters.ServerCount
integer

Number of server licenses (default: 1), Mandatory for products with license based pricing (e.g. Symantec Secure Site)

OrderParameters.DVAuthMethod
string

Possible values: EMAIL, DNS, FILE. (default: EMAIL)

OrderParameters.SubjectAltNames
array of strings

Array of SAN hosts (available for products with SAN feature)

OrderParameters.InstallationService
boolean

True if you want CertCenter to configure the (customer's) web server (plus 89€)

OrderParameters.ExpediteIssuance
boolean

True if you want to expedite issuance time for OV/EV orders (plus 29€) [Only available for Comodo products]

OrderParameters.ApproverEmail
string

Email Address which should be used to validate a DV order

OrderParameters.SignatureHashAlgorithm
string

Desired Signature Hash Algorighm

OrderParameters.IsRenewal
boolean

Indicates whether this order is a renewal or a new order

OrderParameters.IsCompetitiveUpgrade
boolean

Indicates whether this order is a competitive updated (from CAs POV) or not

OrderParameters.DomainApprovers
object

Domain Control Validation information (if you want to use email based DCV)

 
AdminContact
object
required
 
AdminContact.FirstName
string
AdminContact.LastName
string
AdminContact.Phone
string
AdminContact.Fax
string
AdminContact.Email
string
AdminContact.OrganizationName
string
AdminContact.OrganizationAddress
string
TechContact
object
required
 
TechContact.FirstName
string
TechContact.LastName
string
TechContact.Phone
string
TechContact.Fax
string
TechContact.Email
string
TechContact.OrganizationName
string
TechContact.OrganizationAddress
string
OrganizationInfo
object

Required for OV/EV order only

 
OrganizationInfo.OrganizationAddress
object
 
 

Required Parameters for Certificates with Domain Validation

  • OrderParameters.ProductCode - Valid ProductCode for DV certificates (e.g. GlobalSign.DomainSSL)
  • OrderParameters.ValidityPeriod - Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).
  • OrderParameters.CSR - Valid Certificate Signing Request (CSR) (PEM-encoded PKCS#10). Generated with a RSA-/ECC-Key (min. 2048 bit)
  • AdminContact.FirstName - First name of contact person
  • AdminContact.LastName - Last name of contact person
  • AdminContact.Phone - Phone number of contact person
  • AdminContact.Email - E-mail address of contact person
  • TechContact.FirstName - First name of contact person
  • TechContact.LastName - Last name of contact person
  • TechContact.Phone - Phone number of contact person
  • TechContact.Email - E-mail address of contact person

Additional required parameters for Organization-Validated certificates

  • OrderParameters.ServerCount - For certificates from Symantec
  • AdminContact.OrganizationName - For certificates from Symantec
  • AdminContact.OrganizationAddress - For certificates from Symantec
  • AdminContact.OrganizationAddress.AddressLine1 - Address
  • AdminContact.OrganizationAddress.PostalCode - Area Code
  • AdminContact.OrganizationAddress.City - City
  • AdminContact.OrganizationAddress.Region - State
  • AdminContact.OrganizationAddress.Country - ISO country code
  • AdminContact.Title - Title of contact person (z.B. CIO)
  • AdminContact.Fax - Fax number of contact person
  • TechContact.OrganizationName - For certificates from Symantec
  • TechContact.OrganizationAddress - For certificates from Symantec
  • TechContact.OrganizationAddress.AddressLine1 - Address
  • TechContact.OrganizationAddress.PostalCode - Area Code
  • TechContact.OrganizationAddress.City - City
  • TechContact.OrganizationAddress.Region - State
  • TechContact.OrganizationAddress.Country - ISO country code
  • TechContact.Title - Title of contact person (z.B. CIO)
  • TechContact.Fax - Fax number of contact person
  • OrganizationInfo.OrganizationName - Name of Organization/Company
  • OrganizationInfo.OrganizationAddress
  • OrganizationInfo.OrganizationAddress.AddressLine1 - Address
  • OrganizationInfo.OrganizationAddress.PostalCode - Area Code
  • OrganizationInfo.OrganizationAddress.City - City
  • OrganizationInfo.OrganizationAddress.Region - State
  • OrganizationInfo.OrganizationAddress.Country - ISO country code
  • OrganizationInfo.OrganizationAddress.Phone - Phone number

Optional Parameters

  • OrderParameters.PartnerOrderID - Partner Order number
  • OrderParameters.InstallationService - Possible values: true/false (boolean), True if you want CertCenter to configure the (customer's) web server (plus 89 €)
  • OrderParameters.ExpediteIssuance - Possible values: true/false (boolean). True if you want to expedite issuance time for OV/EV orders (plus 29 €) [Only available for Comodo products!]
  • OrderParameters.DVAuthMethod - Method for Domain Control Validation. Possible values are: EMAIL, DNS, FILE (default: EMAIL)
Value
Description

EMAIL

Domain Control Validation will be carried out via E-Mail (Standard)

DNS

Domain Control Validation will be carried out via DNS-Entry

FILE

Domain Control Validation will be carried out via File-Auth

  • OrderParameters.ApproverEmail [deprecated] - Valid e-mail from the domain owner. Information is required for Domain Validation via e-mail.
  • OrderParameters.DomainApprovers[] - With DomainApprovers you can set one or more approver emails per unique domain in your order (e.g., for SAN hosts). This type of DCV (Domain Control Validation) is currently not supported by GlobalSign. Please use OrderParameters.ApproverEmail for all GlobalSign orders. OrderParameters.ApproverEmail will be ignored if DomainApprovers has been submitted.
  • OrderParameters.DomainApprovers[] - Array of DCV information
  • OrderParameters.DomainApprovers[].Domain - Authorization Domain Name
  • OrderParameters.DomainApprovers[].Approvers[] - Array of email addresses for the given domain
  • OrderParameters.SubjectAltNames - Additional Hostnames, comma separated (Subject Alternative Names)
  • OrderParameters.IsCompetitiveUpgrade - Upgrade from a product of a competitor (= free month, no discount). For competitor upgrade, validity can only be up to 12 months; as remaining validity from your existing cert will get added (up to 12 months).
  • OrderParameters.IsRenewal - Renewal of an existing product (= remaining time will be accounted for the period of validity of the new certificate)
  • OrderParameters.SignatureHashAlgorithm - Key Encryption Algorithm (RSA, ECC) with the related private key, you can choose the desired Signature Hashing Algorithm for your certificate:
Value
Description

SHA256-FULL-CHAIN

Default and recommended

SHA2-256

Use SHA2 leaf certificate with a SHA1 root

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Errors - Should this situation arise - Error structure (see handling Errors)
  • Timestamp - Timestamp in UTC
  • CertCenterOrderID - >0 (integer), if successful, otherwise 0
  • OrderParameters
  • OrderParameters.CSR - CSR from the order
  • OrderParameters.IsCompetitiveUpgrade - Is the order a competitive upgrade? Possible values: true/false (boolean)
  • OrderParameters.IsRenewal - Is it a renewal? Possible values: true/false (boolean)
  • OrderParameters.IsUpsell - Upgrade from AlwaysOnSSL to another Product? Possible values: true/false (boolean)
  • OrderParameters.PartnerOrderID - Partner- OrderID. If not transmitted, it will be generated automatically
  • OrderParameters.ProductCode - Transmitted Product Code
  • OrderParameters.ServerCount - Amount of server licenses
  • OrderParameters.SignatureHashAlgorithm - Signature Hash Algorithmus
  • OrderParameters.SubjectAltNameCount - Amount of SANs (max. of 250 for DigiCert brands)
  • OrderParameters.SubjectAltNames - Transmitted SANs
  • OrderParameters.ValidityPeriod - Validity period
  • OrderParameters.DomainApprovers[] - Information for the Domain Control Validation via EMAIL
  • OrderParameters.DNSAuthDetails - Information for the Domain Control Validation via DNS
  • OrderParameters.DNSAuthDetails.PointerType - Possible value: TXT (DigiCert, GlobalSign), CNAME (Comodo)
  • OrderParameters.DNSAuthDetails.DNSEntry - DNS entry to be created (e.g. example.com.). If this value is equal to OrderParameters.DNSAuthDetails.FQDNs[0] or even empty, then you shall replace DNSEntry by the name of the FQDNs; otherwise this DNSEntry field contains a hash value (e.g. for Comodo DCV via DNS).
  • OrderParameters.DNSAuthDetails.DNSValue - Value for required entry
  • OrderParameters.DNSAuthDetails.FQDNs[] - List of hostnames for which you need to create a DNS entry
  • OrderParameters.FileAuthDetails - Information for the Domain Control Validation via FILE
  • OrderParameters.FileAuthDetails.FileName - File name
  • OrderParameters.FileAuthDetails.FilePath - File path
  • OrderParameters.FileAuthDetails.FileContents - Content of the File
  • OrderParameters.FileAuthDetails.FQDNs[] - List of hostnames the file needs to be placed on
  • OrderParameters.ApproverEmail [deprecated] - If applicable

/ApproverList

Request allowed email addresses for domain validation via EMAIL

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ApproverList
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ApproverList(req={
 "CommonName": "www.certcenter.com",
 "ProductCode": "GeoTrust.RapidSSL",
 # Optional DNSNames
 "DNSNames": "www.certcenter.de,www.certcenter.fr,www.certcenter.co.uk",
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"CommonName"=> "www.certcenter.com",
	"ProductCode"=> "GeoTrust.QuickSSL",
  # Optional DNSNames
  "DNSNames" => "www.certcenter.de,www.certcenter.fr,www.certcenter.co.uk",
);
print_r( $api->ApproverList($request) );
?>
package main

import (
	"fmt"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)
func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get valid email addresses for email based DV validation
	res, _ := certcenter.ApproverList(&certcenter.ApproverListRequest{
		CommonName: "www.example.com",
		ProductCode: "GeoTrust.QuickSSLPremium",
		// optional value (comma seperated list of hosts)
		DNSNames: "www.example.org, www.example.co.uk",
	})

	if res.DomainApprovers != (&certcenter.DomainApprovers{}) {
		// Make use of the new DomainApprovers structure
		for i:=0; i < len(res.DomainApprovers.DomainApprover); i++ {
			fmt.Println(res.DomainApprovers.DomainApprover[i])
		}
	} else {
		// Use the legacy structure (provided by non-compatible CAs)
		for i:=0; i < len(res.ApproverList); i++ {
			fmt.Println(res.ApproverList[i])
		}
	}

	return
}
curl 'https://api.certcenter.com/rest/v1/ApproverList?CommonName=www.certcenter.com&DNSNames=www.certcenter.de,www.certcenter.fr,www.certcenter.co.uk' -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
 "success" : true,

 // List of valid approvers for CN's domain
 "ApproverList" : [
  {
   "ApproverEmail" : "domains@certcenter.com",
   "ApproverType" : "Domain"
  },
  {
   "ApproverEmail" : "admin@certcenter.com",
   "ApproverType" : "Generic"
  },
  // {...}
 ],

 // Domain speficic list of valid approvers
 "DomainApprovers" : {
  "DomainApprover" : [
   {
    "Domain" : "certcenter.fr",
    "Approvers" : [
     {
      "ApproverEmail" : "domains@certcenter.com",
      "ApproverType" : "Domain"
     },
     {
      "ApproverEmail" : "admin@certcenter.fr",
      "ApproverType" : "Generic"
     },
     // {...}
    ]
   },
   {
    "Domain" : "certcenter.com",
    "Approvers" : [
     {
      "ApproverType" : "Domain",
      "ApproverEmail" : "domains@certcenter.com"
     },
     {
      "ApproverEmail" : "admin@certcenter.com",
      "ApproverType" : "Generic"
     },
     // {...}
    ]
   },
  // {...}
  ]
 }
}

Query Params

CommonName
string
required
ProductCode
string
required
DNSNames
string

Comma separated list of additional host names (SANs)

 

To issue domain validated certificates, you need to validate domains ownership either by sending out an email to an address specified by the CA or by checking a special file on a proper web server address. To do email validations, it is necessary to look up qualified email addresses. This method is suitable for exactly this purpose.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ApproverList[] - Array with valid e-mail addresses
  • ApproverList[].ApproverEmail - E-mail
  • ApproverList[].ApproverType - Possible values: Generic, Domain
  • DomainApprovers.DomainApprover[] - Array of DomainApprover
  • DomainApprovers.DomainApprover[].Domain - E-mail
  • DomainApprovers.DomainApprover[].Approvers[] - Array with valid e-mail addresses for the domain, specified
  • DomainApprovers.DomainApprover[].Approvers[].ApproverEmail - E-mail
  • DomainApprovers.DomainApprover[].Approvers[].ApproverType - Possible values: Generic, Domain

ApproverType "Generic"

This approver type refers to the common e-mail address (like admin@ or postmaster@) which you can use for your DV order. The customer will receive an e-mail to confirm and release the order.

ApproverType "Domain"

This approver type indicates the CA got from the public domain whois server.

/UserAgreement

Get the CAs Subscriber Agreement for the product specified

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/UserAgreement
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.UserAgreement(req={'ProductCode':'Symantec.SecureSite'})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->UserAgreement(Array("ProductCode"=>"GeoTrust.QuickSSLPremium")) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get the CA's User Subscriber Agreement
  //
	res, _ := certcenter.UserAgreement("Symantec.SecureSite")
	fmt.Println(res)
	return
}
curl 'https://api.certcenter.com/rest/v1/UserAgreement?ProductCode=Symantec.SecureSite' -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "ProductCode": "Symantec.SecureSite",
  "UserAgreement": "SSL Certificate Subscriber Agreement
YOU MUST READ THIS SSL CERTIFICATE SUBSCRIBER AGREEMENT {..}"
}

Query Params

ProductCode
string
required

Valid ProductCode

 

We encourage to display the Certificate Authorities' Subscriber Agreement in your order routine - right ahead of the order button.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ProductCode - Requested Product Code
  • UserAgreement - Terms of Use for the related Product Code

/ApproverEmail/:CertCenterOrderID

Changing a approvers email address

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
puthttps://api.certcenter.com/rest/v1/ApproverEmail/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.UpdateApproverEmail(req={
 'CertCenterOrderID': 1234567890,
 'ApproverEmail': 'admin@exmaple.com'
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890,
 "ApproverEmail" => "admin@exmaple.com"
);
print_r( $api->UpdateApproverEmail($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Re-set the approvers email address
	res, _ := certcenter.PutApproverEmail(&certcenter.PutApproverEmailRequest{
		CertCenterOrderID: 123456789,
		ApproverEmail: "valid-approver@example.com",
	})
	fmt.Println(res)
	return
}
curl -X PUT "https://api.certcenter.com/rest/v1/ApproverEmail/123456789?ApproverEmail=neue@adresse.com" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "ApproverEmail successfully changed",
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Query Params

ApproverEmail
string
required

Valid email addresses for approvers can be inquired by using /ApproverList

 

You can use the PUT ApproverEmail Method to change the approver e-mail in an order with Domain Validation if the order is not yet completed.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/ApproverEmail/:CertCenterOrderID

Resend verification email to approvers email address

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ApproverEmail/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ResendApproverEmail(req={
 'CertCenterOrderID': 123456789,
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "CertCenterOrderID" => 123456789 );
print_r( $api->ResendApproverEmail($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Re-send the approver email to the approvers address
	res, _ := certcenter.ResendApproverEmail(&certcenter.ResendApproverEmailRequest{
		CertCenterOrderID: 123456789,
	})
	fmt.Println(res)
	return
}
curl -X POST "https://api.certcenter.com/rest/v1/ApproverEmail/123456789" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Validation email resent successfully",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/IssuanceTimes

Predicts the current time our partner CA's need to issue a certifiate

 
gethttps://api.certcenter.com/rest/v1/IssuanceTimes
curl 'https://api.certcenter.com/rest/v1/IssuanceTimes?CA=Comodo&Type=EV&Days=90'
A binary file was returned

You couldn't be authenticated

{
  "_meta": {
    "CA": "Comodo",
    "Days": 90,
    "Type": "EV"
  },
  "median": 885.3583,
  "prediction": 544.1333,
  "success": true,
  "top": 484.1333
}
{
  "ErrorField": "Invalid Type (OV, DV, EV)",
  "ErrorId": -2011,
  "Message": "Missing or erroneous field",
  "success": false
}

Query Params

CA
string
required

DigiCert, Comodo or GlobalSign

Type
string
required

EV, OV, DV

Days
int32
required

30, 60, 90, 120, 150, 180

 

If your want to predict your customers how long it takes to issue a certain certificate, feel free to use our prediction API. That API doesn't need authentication information.

The result contains a median value, a top value and a prediction value in minutes.

/Orders

Query orders

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Orders
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Orders(req={
 'Status': 'COMPLETE',
 'ProductType': 'SSL',
 'ProductSpecs': 'EV,OV',
 'CommonName': '*.%',
 'Page': 1,
 'ItemsPerPage': 1000,
 'OrderBy': 'ID',
 'OrderDir': 'DESC',
 'filterScheduledToReplace': False,
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False,
 'includeVettingDetails': False,
 'includeDCVStatus': True
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"Status"=> "COMPLETE",
	"ProductType"=> "SSL",
	"CommonName"=> "*.%",
	"Page"=> 1,
	"ItemsPerPage"=> 1000,
	"OrderBy"=> "ID",
	"OrderDir"=> "DESC",
	"includeFulfillment"=> false,
	"includeOrderParameters"=> false,
	"includeBillingDetails"=> false,
	"includeContacts"=> false,
	"includeOrganizationInfos"=> false,
	"filterScheduledToReplace"=> false,
  "includeDCVStatus"=> true
);
print_r( $api->Orders($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get filtered orders
  //
	res, _ := certcenter.GetOrders(&certcenter.GetOrdersRequest{
		Status: "COMPLETE", // COMPLETE, PENDING, CANCELLED, REVOKED
		ProductType: "SSL", // SSL, CODESIGN, SMIME, TRUSTSEAL
		CommonName: "%",
		IncludeFulfillment: true,
		IncludeOrderParameters: true,
		IncludeBillingDetails: true,
		IncludeContacts: true,
		IncludeOrganizationInfos: true,
		IncludeDCVStatus: true,
	})
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/Orders?Status=COMPLETE&\
ProductType=SSL&\
CommonName=www.certcenter.com&\
filterScheduledToReplace=false& \
includeFulfillment=true&\
includeOrderParameters=true&\
includeBillingDetails=true&\
includeContacts=true&\
includeOrganizationInfos=true& \
includeDCVStatus=true" \
  -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "OrderInfos": [
    {
      "BillingInfo": {
        "Currency": "EUR",
        "Price": 1234.56,
        "Status": "uncleared"
      },
      "CertCenterOrderID": 1234567890,
      "CommonName": "www.certcenter.com",
      "ConfigurationAssessment": {
        "CriteriaVersion": "2009k",
        "Effective": "2015-11-22T16:40:57Z",
        "Engine": "ssllabs/1.20.28",
        "Ranking": "A+"
      },
      "ContactInfo": {
        "AdminContact": {
          "Email": "vorname.nachname@certcenter.com",
          "FirstName": "Vorname",
          "LastName": "Nachname",
          "OrganizationAddress": {
            "AddressLine1": "Bleichstrasse 8",
            "City": "Giessen",
            "Country": "DE",
            "PostalCode": "35390",
            "Region": "Hessen"
          },
          "OrganizationName": "CertCenter AG",
          "Phone": "0641 80899520",
          "Title": "CIO"
        },
        "TechContact": {
          "Email": "vorname.nachname@certcenter.com",
          "FirstName": "Vorname",
          "LastName": "Nachname",
          "OrganizationAddress": {
            "AddressLine1": "Bleichstrasse 8",
            "City": "Giessen",
            "Country": "DE",
            "PostalCode": "35390",
            "Region": "Hessen"
          },
          "OrganizationName": "CertCenter AG",
          "Phone": "0641 80899520",
          "Title": "CIO"
        }
      },
      "Fulfillment": {
        "CSR": "#CSR#",
        "Certificate": "#Certificate#",
        "DownloadLinks": {
          "Certificate": "https://cert.sh/#Hash#/cert",
          "Intermediate": "https://cert.sh/#Hash#/chain",
          "PKCS7": "https://cert.sh/#Hash#/pkcs7"
        },
        "EndDate": "2016-05-10T22:59:59Z",
        "Intermediate": "#Intermediate#",
        "StartDate": "2015-03-12T00:00:00Z"
      },
      "OrderParameters": {
        "PartnerOrderID": "UI-b4156a48aa7480cab6e4ca0xxxxxxxxx",
        "ProductCode": "Symantec.SecureSite",
        "ServerCount": 1,
        "SubjectAltNames": [
          "certcenter.com",
          "certcenter.co.uk"
        ],
        "ValidityPeriod": 12
      },
      "OrderStatus": {
        "OrderDate": "2015-03-11T13:20:14Z",
        "UpdateDate": "2015-11-19T18:25:03Z",
        "MajorStatus": "COMPLETE",
        "MinorStatus": "COMPLETED",
        "Progress": 100,
        "StartDate": "2015-03-12T00:00:00Z",
        "EndDate": "2016-05-10T22:59:59Z",
      },
      "OrganizationInfo": {
        "OrganizationAddress": {
          "AddressLine1": "Bleichstrasse 8",
          "City": "Giessen",
          "Country": "DE",
          "Fax": "0641 80899521",
          "Phone": "0641 80899520",
          "PostalCode": "35390",
          "Region": "Hessen"
        },
        "OrganizationName": "CertCenter AG"
      }
    },
    "scheduledForReplacement": {
    	"eventSymantecDistrust": {
    		"phase1": true,
    		"phase2": false
    	}
    },
    "VettingDetails" : {
   	 	"ct" : -1,
    	"call" : 0,
  	  "org" : 0,
	    "dcv" : 1,
    	"vcs" : 0
    },
    "DCVStatus": [
    	{
    		"Domain": "certcenter.com",
    		"Status": "pending",
    		"DomainControlValidationID": 1234567890,
    		"ApproverEmail": "email-1@domain.com,email-2@domain.com",
    		"LastCheckDate": "2018-01-18T22:59:59Z",
    		"LastUpdateDate": "2018-01-16T19:49:10Z"
    	},
    	{
    		"Domain": "certcenter.co.uk",
    		"Status": "approved",
    		"DomainControlValidationID": 1234567891,
    		"ApproverEmail": "email@domain.co.uk",
    		"LastCheckDate": "2018-01-18T22:59:59Z",
    		"LastUpdateDate": "2018-01-16T19:49:10Z"
    	}
    ]
  ],
  "_meta": {
    "CommonName": "www.certcenter.com",
    "ItemsAvailable": 1,
    "ItemsPerPage": 10,
    "OrderBy": "ID",
    "OrderDir": "DESC",
    "Page": 1,
    "ProductType": [
      "SSL"
    ],
    "Status": [
      "COMPLETE"
    ]
  },
  "success": true
}

Query Params

Status
string

Filter with the current status. Possible values: COMPLETE, PENDING. Also possible in combination with the status e.g. &Status=COMPLETE, PENDING

ProductType
string

Product Type filter. Possible values: SSL, SMIME, CODESIGN, TRUSTSEAL. Also possible in combination with e.g. &ProductType=SSL, SMIME

ProductSpecs
array of strings

Only returrn orders with given specifications: Possible values: DV, OV, EV, WC, SGC, SAN, DMS, TS, WVS, RI, ECC, DSA, WC_SAN, PV, PCI

CommonName
string

Filter set for the common name. Wildcard values are possible (e.g. "%.certcenter.%") ItemsPerPage - Maximum amount of orders on each page. Standard: 10

Page
int32

Current page. Standard: 1

ItemsPerPage
int32
filterScheduledToReplace
boolean

Only those who needs to be replaced

OrderBy
string

Sorted and listed by these possible columns (comma sparated): ID (CertCenterOrderID), PRODUCT_CODE (ProductCode), TS_VALIDITY_START (period of validity start), TS_VALIDITY_ENDE (end of the validity period)

OrderDir
string

Sort sequence by listing (ASC=Ascending, DESC=descending)

includeFulfillment
boolean

Output should (if applicable) contain Server and Intermediate Certificate.

includeOrderParameters
boolean

Output should include original order details

includeBillingDetails
boolean

Output should include billing details

includeContacts
boolean

Output should include contacts from the certificate

includeOrganizationInfos
boolean

Output should include (if available) the data from the organization

includeExpired
boolean

Output should also include expired certificates

includeDCVStatus
boolean

Output domain-control validation status information

includeVettingDetails
boolean

Return vetting status information

 

Filters are optional. If no Filter is set, no preselection will be made.

Additional Responses (if includeFulfillment is true)

  • OrderInfos[].Fulfillment - The Fulfillment Structure contains information about the product delivery
  • OrderInfos[].Fulfillment.CSR - Original Certificate Signing Request (CSR), which was used to create the certificate
  • OrderInfos[].Fulfillment.Intermediate - The correct Intermediate for your Certificate to complete the certificate chain
  • OrderInfos[].Fulfillment.Certificate - Includes the server certificate (End-Leaf-Certificate)
  • OrderInfos[].Fulfillment.IconScript - Site seal (if available)
  • OrderInfos[].Fulfillment.StartDate - Certificate is not valid until
  • OrderInfos[].Fulfillment.EndDate - Certificate is not valid after
  • OrderInfos[].Fulfillment.DownloadLinks - Contains an anonym link to download the fulfillment Data
  • OrderInfos[].Fulfillment.DownloadLinks.Certificate - Download link for server certificate (PEM)
  • OrderInfos[].Fulfillment.DownloadLinks.Intermediate - Download link for intermediate (PEM)
  • OrderInfos[].Fulfillment.DownloadLinks.PKCS7 - Download link for server certificate and intermediate as PKCS7-Bundle
  • OrderInfos[].Fulfillment.DownloadLinks.IconScript - Download-Link for Site-Seal (if available)

The OrderInfos[].Fulfillment-Data is only available for completed orders and dependent on the product type.

Additional Responses (If includeOrderParameters is true)

  • OrderInfos[].OrderParameters - Contains basic information of the order
  • OrderInfos[].OrderParameters.PartnerOrderID - Unique Partner OrderID (or automatically generated)
  • OrderInfos[].OrderParameters.ProductCode - Product Code
  • OrderInfos[].OrderParameters.ServerCount - Amount of licenses, 0 for unlimited
  • OrderInfos[].OrderParameters.ValidityPeriod - Period of validity in months
  • OrderInfos[].OrderParameters.SubjectAltNames[] - Subject Alternative Names (Array), if included
  • OrderInfos[].OrderParameters.DVAuthMethod - Domain Control Validation: EMAIL, DNS or FILE
  • OrderInfos[].OrderParameters.DNSAuthDetails - If Domain Control Validation via DNS
  • OrderInfos[].OrderParameters.DNSAuthDetails.DNSEntry - Detailed description, please see: POST /DNSData
  • OrderInfos[].OrderParameters.DNSAuthDetails.DNSValue - Value of the entry
  • OrderInfos[].OrderParameters.DNSAuthDetails.PointerType - TXT (DigiCert and GlobalSign brands) or CNAME (Comodo)
  • OrderInfos[].OrderParameters.DNSAuthDetails.FQDNs[] - List of hostnames for which you need to demonstrate the existence of the DNSValue (detailed description, please see: POST /DNSData)
  • OrderInfos[].OrderParameters.FileAuthDetails - If Domain Control Validation via FILE
  • OrderInfos[].OrderParameters.FileAuthDetails.FileName - Name of the file, which need to create
  • OrderInfos[].OrderParameters.FileAuthDetails.FilePath - Relative path
  • OrderInfos[].OrderParameters.FileAuthDetails.FileContents - Content of the File
  • OrderInfos[].OrderParameters.FileAuthDetails.PollStatus - current status of the last check
  • OrderInfos[].OrderParameters.FileAuthDetails.LastPollDate - last check for the existence of the file
  • OrderInfos[].OrderParameters.FileAuthDetails.FQDNs[] - List of hostnames for which you need to demonstrate the existence of FileName/FileContents
  • OrderInfos[].DCVStatus - If Domain Control Validation via EMAIL: Status contains status-information about the Domain Control Validation (one entry per unique domain)
  • OrderInfos[].OrderParameters.EmailAuthDetails [deprecated] - Only for DV certificates with validation via EMAIL
  • OrderInfos[].OrderParameters.EmailAuthDetails.ApproverMail [deprecated] - E-mail address of the contact person for the validation

Additional Responses (If includeBillingDetails is true)

  • OrderInfos[].BillingInfo - Billing information
  • OrderInfos[].BillingInfo.Price - Price Information
  • OrderInfos[].BillingInfo.Currency - Currency
  • OrderInfos[].BillingInfo.Status - Current billing status. Possible values: cleared, uncleared
  • OrderInfos[].BillingInfo.InvoiceRef - If the "Status" is cleared you will find the related document number.

Additional Responses (If includeVettingDetails is true)

  • OrderInfos[].VettingDetails - Vetting details
  • OrderInfos[].VettingDetails.ct - Signed Subscriber Agreement (click-through) status
  • OrderInfos[].VettingDetails.call - Verification call status
  • OrderInfos[].VettingDetails.org - Organization validation status
  • OrderInfos[].VettingDetails.dcv - Domain Control Validation status (overall)
  • OrderInfos[].VettingDetails.vcs - Vetting Center Appointment status

-1 = n/a, 0 = pending, 1 = success, 2 = other

Additional Responses (If includeContacts is true)

  • OrderInfos[].ContactInfo - Contact person for the certificate, if available
  • OrderInfos[].ContactInfo.AdminContact - Administrative contact
  • OrderInfos[].ContactInfo.AdminContact.Title - Title, e.g. CIO
  • OrderInfos[].ContactInfo.AdminContact.FirstName - First name
  • OrderInfos[].ContactInfo.AdminContact.LastName - Last Name
  • OrderInfos[].ContactInfo.AdminContact.Phone - Phone number of contact person
  • OrderInfos[].ContactInfo.AdminContact.OrganizationName - Name of the organization (for OV/EV-- Certificates)
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress - Address of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.City - City
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.Region - State
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.Country - Country (ISO code)
  • OrderInfos[].ContactInfo.TechContact - Details similar to the Administrative contact
  • OrderInfos[].ContactInfo.TechContact.Title - Title, e.g. CIO
  • OrderInfos[].ContactInfo.TechContact.FirstName - First name
  • OrderInfos[].ContactInfo.TechContact.LastName - Last Name
  • OrderInfos[].ContactInfo.TechContact.Phone - Phone number of contact person
  • OrderInfos[].ContactInfo.TechContact.OrganizationName - Name of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress - Address of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.City - City
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.Region - State
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.Country - Country (ISO code)

Additional Responses (If includeOrganizationInfos is true)

  • OrderInfos[].OrganizationInfo - If required by the product type (EV/OV), organization information
  • OrderInfos[].OrganizationInfo.OrganizationName - Name of the Organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress - Address details of the Organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].OrganizationInfo.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].OrganizationInfo.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].OrganizationInfo.OrganizationAddress.City - City
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Region - State
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Country - Country (ISO code)
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Phone - Phone number of the organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Fax - Fax number for the organization

Responses

  • success - Indicator of success. Possible values: true/false (boolean)
  • OrderInfos[]._meta (deprecated) - Meta-Data of the search and search results
  • OrderInfos[]._meta.CommonName - Search for this CommonName
  • OrderInfos[]._meta.ItemsAvailable - Total of search results
  • OrderInfos[]._meta.ItemsPerPage - Desired results each page
  • OrderInfos[]._meta.Page - Chosen page
  • OrderInfos[]._meta.OrderBy - Desired sorting
  • OrderInfos[]._meta.OrderDir - Desired order sequence
  • OrderInfos[]._meta.ProductType[] - Filter for product type (Array)
  • OrderInfos[]._meta.Status[] - Filter for status (Array)
  • OrderInfos[] - Array with search results
  • OrderInfos[].CertCenterOrderID - Unique CertCenter Order ID
  • OrderInfos[].CommonName - Common name of the certificate
  • OrderInfos[].OrderStatus.OrderDate - Date of the order
  • OrderInfos[].OrderStatus.UpdateDate - Last order update
  • OrderInfos[].OrderStatus.MajorStatus - Primary order status
  • OrderInfos[].OrderStatus.MinorStatus - Secondary order status
  • OrderInfos[].OrderStatus.Progress - Status in percent
  • OrderInfos[].OrderStatus.StartDate - Certificate is not valid until (Status COMPLETE)
  • OrderInfos[].OrderStatus.EndDate - Certificate is not valid after (Status COMPLETE)
  • OrderInfos[].ConfigurationAssessment - Information to the SSL labs scan
  • OrderInfos[].ConfigurationAssessment.CriteriaVersion - Version of the SSL labs criteria
  • OrderInfos[].ConfigurationAssessment.Effective - Time of the scan
  • OrderInfos[].ConfigurationAssessment.Engine - Current SSL labs Version
  • OrderInfos[].ConfigurationAssessment.Ranking - Current Ranking
  • OrderInfos[].scheduledForReplacement.eventSymantecDistrust - Certificate who needs to be replaced within certein phases due to root-CA distrusting. For this event, we have to phases, Phase 1 = Before 15 March 2018, Phase 2 = Before 13 September 2018.

The OrderInfos[].ConfigurationAssessment - Data available 4-5 days after the certificate was issued.

/ModifiedOrders

Get modified orders based on a time span

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ModifiedOrders
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ModifiedOrders(req={
 'FromDate': '2017-02-01T00:00:00Z',
 'ToDate': '2017-02-02T00:00:00Z',
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False,
 'includeVettingDetails': True,
 'includeDCVStatus': True
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "FromDate"=>"2017-02-01T00:00:00Z",
 "ToDate"=>"2017-02-2T00:00:00Z",
 "includeFulfillment"=> false,
 "includeOrderParameters"=> false,
 "includeBillingDetails"=> false,
 "includeContacts"=> false,
 "includeOrganizationInfos"=> false,
 "includeDCVStatus"=> true
);
print_r( $api->ModifiedOrders($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get all modified orders in timespan
  //
	res, _ := certcenter.GetModifiedOrders(&certcenter.GetModifiedOrdersRequest{
		FromDate: time.Now().Add(-10 * time.Minutes),
		ToDate: time.Now(),
		IncludeFulfillment: true,
		IncludeOrderParameters: true,
		IncludeBillingDetails: true,
		IncludeContacts: true,
		IncludeOrganizationInfos: true,
		IncludeDCVStatus: true,
	})
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/ModifiedOrders?\
FromDate=2015-11-21T00:00:00Z&ToDate=2015-11-22T00:00:00Z" \
  -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "OrderInfos": [Array of OrderInfos],
  "success": true
}

Query Params

FromDate
date
required

Format: 2015-11-20T00:00:00Z

ToDate
date
required

Format: 2015-11-20T00:00:00Z

includeFulfillment
boolean

Output should include (if available) the server and intermediate certificate

includeOrderParameters
boolean

Output should include the original order data

includeBillingDetails
boolean

Output includes billing details

includeContacts
boolean

Output should include contact person from the certificate

includeOrganizationInfos
boolean

Output should include (if available) the organization data

includeDCVStatus
boolean

Output domain-control validation status information

includeVettingDetails
boolean

Return vetting status information

 

The main part of the certificate administration and the ongoing life-cycle process is to detect certificates status changes in time and to synchronize with your local database. To get this information you can use this particular method. The period FromDate and ToDate should always represent the time between the last query and the current time.

FromDate = Timestamp of last successful query
ToDate = Current timestamp

Response Attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in Listing Orders.

/Order/:CertCenterOrderID

Inquire details about a particular order

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Order/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.GetOrder(req={
 'CertCenterOrderID': 123456789,
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False,
 'includeVettingDetails': True,
 'includeDCVStatus': True
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID"=> 123456789,
 "includeFulfillment"=> true,
 "includeOrderParameters"=> true,
 "includeBillingDetails"=> true,
 "includeContacts"=> true,
 "includeOrganizationInfos"=> true,
 "includeDCVStatus"=> true
);
print_r( $api->GetOrder($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Get a particular order by CertCenterOrderID
  //
	res, _ := certcenter.GetOrder(&certcenter.GetOrderRequest{
		CertCenterOrderID: 123456789,
		IncludeFulfillment: true,
		IncludeOrderParameters: true,
		IncludeBillingDetails: true,
		IncludeContacts: true,
		IncludeOrganizationInfos: true,
		IncludeDCVStatus: true,
	})
	fmt.Println(res)
	return
}
curl "https://api.certcenter.com/rest/v1/Order/123456789?\
includeFulfillment=False&\
includeBillingDetails=False&\
includeContacts=False&\
includeOrderParameters=False&\
includeOrganizationInfos=False& \
includeDCVStatus=True" \
  -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "OrderInfo": { <OrderInfo-Structure matching to /Orders> },
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Unique ID of Certificate

Query Params

includeFulfillment
boolean

Listing should include (if available) the server and intermediate certificate

includeOrderParameters
boolean

Listing should include the original order data

includeBillingDetails
boolean

Listing includes billing details

includeContacts
boolean

Listing should include contact person from the certificate

includeOrganizationInfos
boolean

Listing should include (if available) the organization data

includeDCVStatus
boolean

Output domain-control validation status information

includeVettingDetails
boolean

Return vetting status information

 

include*-Filters are optional.
If no filter is set, no selection can be carried out.

Response attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in /Orders.

/Reissue

Reissue a particular certificate

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Reissue
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Reissue(req={
  'CertCenterOrderID': 123456789,
  'OrderParameters': {
    'SignatureHashAlgorithm': 'SHA256-FULL-CHAIN',
    'DVAuthMethod': 'EMAIL',
    'CSR': "#CSR#", # If CSR is not provided, the re-issue takes
      	           # place with the original CSR. (not recommended!)
    'DomainApprovers': [{
      'Domain': 'super-mall-inc.net',
      'Approvers': [
          'admin@super-mall-inc.net',
          'jon.doe@super-mall-inc.net'
        ]
      }, {..}
  ]
 }
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID"=> 123456789,
 "OrderParameters"=> Array(
  "SignatureHashAlgorithm"=> "SHA256-FULL-CHAIN",
  "DVAuthMethod"=> "EMAIL",
  "CSR"=> "#CSR#"
 )
);
print_r( $api->Reissue($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Reissue a particular order
  //
	res, _ := certcenter.Reissue(&certcenter.ReissueRequest{
		CertCenterOrderID: 123456789,
		OrderParameters:certcenter.ReissueOrderParameters{
			CSR: "#CSR#",
			DVAuthMethod: "EMAIL",
			SignatureHashAlgorithm: "SHA256-FULL-CHAIN",
			DomainApprovers: &certcenter.DomainApprovers{
				DomainApprover: []certcenter.DomainApproverItem{certcenter.DomainApproverItem{
					Domain: "certcenter.com",
					Approvers: []certcenter.Approver{certcenter.Approver{
						ApproverEmail: "domains@certcenter.com",
					}},
				}},
			},
		},
		ReissueEmail: "domains@certcenter.com",
	})
	fmt.Println(res)
	return
}
curl -X POST "https://api.certcenter.com/rest/v1/Reissue" \
  -H "Authorization: Bearer #token#"
  -d '{
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "DVAuthMethod": "EMAIL",
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN"
  },
  "ReissueEmail": "administrator@commonna.me"
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Reissue initiated",
  "success": true
}
{
  "Message": "Invalid OrderID (1234567890): Order is in invalid state",
  "ErrorField": "CertCenterOrderID",
  "ErrorId": -2011,
  "success": false
}

Body Params

CertCenterOrderID
int32
required
OrderParameters
object
required
 
OrderParameters.CSR
string

PEM-encoded PKCS#10 request

OrderParameters.DVAuthMethod
string

Desired validation method (DV only)

OrderParameters.SignatureHashAlgorithm
string

Please refer to the documentation (SHA256-FULL-CHAIN, SHA256-ECC-HYBRID, SHA2-256, SHA256-ECC-FULL)

OrderParameters.DomainApprovers
array of objects
required
ReissueEmail
string

If ReissueEmail hasn't set, the e-mail address of the administrative contact will be set automatically.

 

*Valid email addresses for the approver can be inquired by calling /ApproverList.

Detailed Description of OrderParameters used in /Reissue

  • CertCenterOrderID - Unique ID of certificate
  • ReissueEmail - If the DVAuthMethod wasn’t set to e-mail while ordering, but you want to change the validation method to e-mail for reissue, you can submit a valid* approver e-mail. If no e-mail were chosen, the e-mail address of the administrative contact would be set automatically.
  • OrderParameters.CSR - Certificate Signing Request (CSR). Please be aware that apart from a new CSR, a new private key should be generated.
  • OrderParameters.DVAuthMethod - Desired validation method
  • OrderParameters.DomainApprovers[] - Array of DCV information
  • OrderParameters.DomainApprovers[].Domain - Authorization Domain Name
  • OrderParameters.DomainApprovers[].Approvers[] - Array of email addresses for the given domain
  • OrderParameters.SubjectAltNames - Additional Hostnames, comma separated (Subject Alternative Names)
  • OrderParameters.SignatureHashAlgorithm - Depending on the key and encryption algorithms (RSA, ECC, DSA) that were used to create the private key, you can choose the Signature Hashing Algorithms for the server certificate and the root certificate:
Hashing Algorithm
Description

SHA256-FULL-CHAIN

SHA2 Leaf Certificate with SHA2 ICA as well as SHA2 Root Certificate

SHA2-256

SHA2 Leaf Certificate but SHA1 ICA/Root for higher compatibility with older mobile devices (e.g., Android 4.x)

Response attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in POST /Order.

IMPORTANT

Reissuing a certificate does not imply a proper revocation. That means that the reissued certificate stays active afterward. Thus we highly recommend revoking the old certificate after the new one has been deployed to the customer's systems.

*Calling this method implicates a cancellation of a prior requested reissue.

/Order/:CertCenterOrderID

Canceling a particular order

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Order/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.CancelOrder(req={
 'CertCenterOrderID': 1234567890
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890
);
print_r( $api->CancelOrder($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Delete a particular order
	res, _ := certcenter.DeleteOrder(&certcenter.DeleteOrderRequest{
		CertCenterOrderID: 123456789,
	})
	fmt.Println(res)
	return
}
curl -X DELETE "https://api.certcenter.com/rest/v1/Order/123456789" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Order has been successfully cancelled",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

Certificates may be canceled free of charge before issuance, or up to 30 days afterward. Cancellation of orders older than 30 days will not be refunded and will be charged as normal. Please be aware that there could be a delay in the cancellation of issued certificates due to a rigorous verification process.

/Revoke/:CertCenterOrderID

Revoke a particular certificate

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Revoke/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 'CertCenterOrderID': 123456789,
 'RevokeReason': 'Key compromised',
 'Certificate': "#CRT#",
}
res = api.Revoke(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"CertCenterOrderID"=> 1234567890,
	"RevokeReason"=> "Key compromised",
	"Certificate"=> "#CRT#",
);
print_r( $api->Revoke($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Revoke a certificate
  //
	res, _ := certcenter.Revoke(&certcenter.RevokeRequest{
		CertCenterOrderID: 123456789,
		// Optional parameters
		RevokeReason: "Key compromised",
		Certificate: "#PEM-encoded-X.509-Certificate#",
	})
	fmt.Println(res)
	return
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/Revoke/123456789' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{ "RevokeReason": "Key compromised", "Certificate": "#CRT#" }'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Revocation has been requested!",
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Query Params

RevokeReason
string
required

Reason for the revocation (if possible in English). e.g. "Key compromised"

Certificate
string
required

Certificate in PEM-encoded format

 

A certificate should be revoked if a private key has been compromised or if the reissue was successful and the new certificate has been issued.

WARNING

A revocation request will add the specified certificate to a restriction list (OCSP and CRL) so that browsers and other clients won’t see it as a valid certificate. Please make sure that you already deployed a replacement certificate before revoking the old certificate.

/ValidateCSR

Parse and validate a PEM-encoded Certificate Signing Request (PKCS#10)

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ValidateCSR
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ValidateCSR(req={
	"CSR": "#CSR#"
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->ValidateCSR(Array("CSR"=>"#CSR#")) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Validate a CSR
  //
	csr, _ := ioutil.ReadFile("csr")
	res, _ := certcenter.ValidateCSR(&certcenter.ValidateCSRRequest{
		CSR: string(csr),
	})
	fmt.Println(res)
	return
}
curl -X POST 'https://api.certcenter.com/rest/v1/ValidateCSR' \
  -H 'Content-Type: application/json' \
  -d '{ "CSR": "#CSR#" }'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "ParsedCSR": {
    "CommonName": "www.certcenter.de",
    "Country": "DE",
    "Email": "corporate-contact@certcenter.com",
    "KeyEncryptionAlgorithm": "RSA",
    "KeyLength": 2048,
    "Locality": "Giessen",
    "Organization": "CertCenter AG",
    "OrganizationUnit": "",
    "SignaturAlgorithm": "sha256WithRSAEncryption",
    "State": "Hessen",
    "HashMD5": "BFA79077625AE5F73E673A83AF6CA3E8",
    "HashSHA256": "B442C0286FE2D8DA085DED2F31FED51F0B45FEA3721C2282A41F8BF36DF782B9",
    "UniqueValue": "516C4B86A67AFD1A266F"
  },
  "success": true
}

Body Params

CSR
string
required

PEM encoded PKCS#10 Certificate Signing Request generated with a RSA (recommended), ECC or DSA key.

 

Use this method to validate and parse the Certificate Signing Requests (CSR) you received from your client.

Response Attributes

  • success - Indicator of success. Possible value: true/false (boolean)
  • ParsedCSR.CommonName - Common name
  • ParsedCSR.Organization - Organization / Company
  • ParsedCSR.OrganizationUnit - Organization unit
  • ParsedCSR.Locality - City
  • ParsedCSR.State - State
  • ParsedCSR.Country - Country
  • ParsedCSR.Email - E-mail address
  • ParsedCSR.SignaturAlgorithm - Applied Signature Hashing Algorithm
  • ParsedCSR.KeyEncryptionAlgorithm - Applied Encryption Algorithm. Possible values: RSA, ECC
  • ParsedCSR.KeyLength - Key length in bits
  • ParsedCSR.HashMD5 - MD5 hash of the CSR's DER-representation
  • ParsedCSR.HashSHA256 - SHA256 hash of the CSR's DER-representation
  • ParsedCSR.UniqueValue - The unique value you need to pre-set Comodo DCV information (more)

/ValidateName

Check a CommonName against the black list (AlwaysOnSSL only!)

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ValidateName
import CertCenter
api = CertCenter.CertAPI()
api.setBearer("#token#")
res = api.ValidateName(req={"CommonName":"www.example.com"})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$res = $api->ValidateName(Array("CommonName"=>"dvtest.alwaysonssl.com"));
print_r($res);
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Check a CommonName against the black list (AlwaysOnSSL only!)
	// plus lets you generate a private key and PEM-encoded CSR
	//
	res, _ := certcenter.ValidateName(&certcenter.ValidateNameRequest{
		CommonName: "www.example.com",
		GeneratePrivateKey: true,
	})
	fmt.Println(res)
	return
}
curl -X POST 'https://api.certcenter.com/rest/v1/ValidateName' -H 'Content-Type: application/json' -H 'Authorization: Bearer #token#' -d '{ "CommonName": "www.example.com" }'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "IsQualified": true
}

Body Params

CommonName
string
required

The full host name (FQDN) you want to protect

GeneratePrivateKey
boolean

Whether to generate the private key and CSR. We recommend to NOT use this key-generation feature in productive environments. Please generate private keys in a secure and private environment.

 

Check if an AlwaysOnSSL certificate can be issued for the given hostname.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • IsQualified - Indicates whether the CommonName is qualified to apply for an AlwaysOnSSL certificate.
  • CSR - If GeneratePrivateKey was set to true, this attribute becomes available and contains a new CSR.
  • PrivateKey - If GeneratePrivateKey was set to true, this Attribute becomes available and contains the new private key. We do not recommend to have CertCenter to create your private key.

NOT YET ELIGIBLE?

Please contact your CertCenter Partner Manager to provide free AlwaysOnSSL (DigiCert Encryption Everywhere) certificates.

/DNSData

Retrieve appropriate data for DNS-based validation

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/DNSData
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
 "CSR": "#CSR#"
}
res = api.DNSData(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "ProductCode"=>"AlwaysOnSSL.AlwaysOnSSL",
 "CSR"=>"#CSR#");
print_r( $api->DNSData($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Retrieve appropriate data for DNS-based validation (AlwaysOnSSL only!)
	//
	csr, _ := ioutil.ReadFile("csr")
	res, _ := certcenter.DNSData(&certcenter.DNSDataRequest{
		CSR: string(csr),
		ProductCode: "AlwaysOnSSL.AlwaysOnSSL",
	})
	fmt.Println(res)
	return
}
curl -X POST 'https://api.certcenter.com/rest/v1/DNSData' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
  "CSR": "#CSR#"
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "DNSAuthDetails": {
    "PointerType": "TXT",
    "DNSEntry": "", // You may need to add multiple entries to the DNS zone
    							  // - one entry for each name in FQDNs[]. If DNSEntry
    								// is empty or equal to FQDNs[0], you may use the hostname
    								// (from FQDNs[]), otherwise, use the hash provided in DNSEntry
    								// for each name in FQDNs[].
    "DNSValue": "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg",
    "Example": "example.com. 5 IN TXT \"201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg\"",
    "FQDNs": ["example.com"],
  }
}

Body Params

CSR
string
required

Certificate Signing Request (PEM encoded PKCS#10), generated with a 2048-bit RSA key

ProductCode
string
required

Valid ProductCode: AlwaysOnSSL.AlwaysOnSSL, Comodo.*

 

This method is used to retrieve the data for the record, which is required for AlwaysOnSSL and Comodo Certificates with DNS/FILE Domain Control Validation. The DNS entry must exist before placing an order.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • DNSAuthDetails
  • DNSAuthDetails.PointerType - TXT (DigiCert and GlobalSign brands) or CNAME (Comodo)
  • DNSAuthDetails.DNSEntry - DNS entry to be created (e.g. example.com)
  • DNSAuthDetails.DNSValue - Value for the DNS entry (e.g. robzzmv2pw2b9siflyux8t88qzg)
  • DNSAuthDetails.Example - Example record
  • DNSAuthDetails.FQDNs[] - List of hostnames for which you need to create a DNS entry

Which entries do I need to add?

You may need to add multiple entries to the DNS zone - one entry for each name in DNSAuthDetails.FQDNs. If DNSEntry is empty or equal to FQDNs[0], you may use the hostname (from FQDNs[]), otherwise, use the hash provided in DNSEntry for each name in FQDNs[].

CONFLICTING CNAME?

If you cannot add the required TXT record (for instance because of a conflicting CNAME record), you can add the TXT record for _dnsauth.sub.example.com instead. (DigiCert brands only!)

/DNSData usage examples

Please not that there is a tutorial available for the DNS-based domain validation process.
You may also find our latest /DNSData usage example at GitHub:
https://github.com/CertCenter/goCertCenter/tree/master/examples

/FileData

Retrieve appropriate data for FILE-based validation

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/FileData
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
 "CSR": "#CSR#"
}
res = api.FileData(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "ProductCode"=>"AlwaysOnSSL.AlwaysOnSSL",
 "CSR"=>"#CSR#");
print_r( $api->FileData($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// Retrieve appropriate data for FILE-based validation (AlwaysOnSSL only!)
	//
	csr, _ := ioutil.ReadFile("csr")
	res, _ := certcenter.FileData(&certcenter.FileDataRequest{
		CSR: string(csr),
		ProductCode: "AlwaysOnSSL.AlwaysOnSSL",
	})
	fmt.Println(res)
	return
}
curl -X POST 'https://api.certcenter.com/rest/v1/FileData' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
  "CSR": "#CSR#"
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "FileAuthDetails": {
    "FileName": "fileauth.txt",
    "FilePath": "/.well-known/pki-validation",
    "FileContents": "k4yx5p50su4z2u8atievmbgk3r7gppp",
    "FQDNs": ["example.com","www1.another.domain.org"],
  }
}

Body Params

CSR
string
required

Certificate Signing Request (PEM encoded PKCS#10), generated with a 2048-bit RSA key

ProductCode
string
required

Valid ProductCode: AlwaysOnSSL.AlwaysOnSSL and Comodo.*

 

This method allows you to retrieve required information about the desired file name and its content. If the specified file does not exist in the order or even the hash is incorrect, your order request could not be processed.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • FileAuthDetails - Structure with information about filename and content (if DVAuthMethod is FILE)
  • FileAuthDetails.FileContents - Hash which you shall use in the desired file.
  • FileAuthDetails.FileName - Name of the desired file.
  • FileAuthDetails.FilePath - Local, relative path of the desired file.
  • FileAuthDetails.FQDNs[] - List of hostnames the file needs to be placed on

Which files do I need to create?

You need to create a file (FileAuthDetails.FilePath) in the webservers sub-directory (FileAuthDetails.FilePath) with the content provided in (FileAuthDetails.FileContents) for each host provided (FileAuthDetails.FQDNs[]). This behavior may change from one to another CAs.

Get rid of the files required to get domains verified

Use CertCenter's free and open source Apache Module mod_fauth to get rid of the validation files on customers webspace. This particular Apache Module automatically determines the required hashes and submits those to the requesting vetting agent. Learn more

/FileData usage examples

Please not that there is a tutorial available for the FILE-based domain validation process.
You may also find our latest /FileData usage example at GitHub:
https://github.com/CertCenter/goCertCenter/tree/master/examples

/BaseDomain/:FQDN

Allows you to fetch the base domain from the FQDN

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/BaseDomain/FQDN
curl -X GET 'https://api.certcenter.com/rest/v1/BaseDomain/www.example.co.uk' \
  -H 'Authorization: Bearer #token#' -H 'Content-type: application/json'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
   "fqdn" : "www.example.com",
   "domain" : "example.com"
}

Path Params

FQDN
string
required

Fully Qualified Domain Name to get the registered domain from

 

/VulnerabilityAssessment

Configure the Vulnerability Assessment (Symantec certificates, only!)

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/VulnerabilityAssessment
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 'CertCenterOrderID': 123456789,
 'ServiceStatus': 'Active',
 'EmailNotificationLevel': "CRITICAL",
}
res = api.VulnerabilityAssessment(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890,
 "ServiceStatus" => "Active",
 "EmailNotificationLevel" => "CRITICAL",
);
print_r( $api->VulnerabilityAssessment($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// VulnerabilityAssessment allows you to change an orders initial assessment settings.
	// https://developers.certcenter.com/v1/reference#vulnerabilityassessment
	//
	res, _ := certcenter.VulnerabilityAssessment(&certcenter.VulnerabilityAssessmentRequest{
		CertCenterOrderID: 123456789,
		ServiceStatus: "Active",
		EmailNotificationLevel: "CRITICAL",
	})
	fmt.Println(res)
	return
}
curl -X POST "https://api.certcenter.com/rest/v1/VulnerabilityAssessment" \
  -H "Authorization: Bearer #token#"
  -d '{
  	"CertCenterOrderID": 123456789,
  	"ServiceStatus": "Active",
  	"EmailNotificationLevel": "CRITICAL"
  }'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Properties has been successfully modified.",
  "success": true
}

Body Params

CertCenterOrderID
int32
required

Unique order ID of certificate.

ServiceStatus
string
required

Desired status. Possible values: Active (enabled) / Inactive (disabled)

EmailNotificationLevel
string
required

Notification preferences. Possible values: NONE (no notifications), NEW_REPORT (notification for each report), CRITICAL (notify only if there are critical vulnerabilities)

 

Vulnerability Assessment is included in Symantec Secure Site w/ EV, Symantec Secure Site Wildcard, Symantec Secure Site Pro, Symantec Secure Site Pro w/ EV, Symantec Secure Site Pro Wildcard Certificates. Once a week, Symantec tries to find vulnerabilities on the website. You can configure if you want to enable or disable this scan as well as the notification preferences.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/VulnerabilityAssessmentRescan/:CertCenterOrderID

Request an On-Demand Rescan (Symantec certificates, only!)

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/VulnerabilityAssessmentRescan/CertCenterOrderID
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array("CertCenterOrderID" => 123456789);
print_r( $api->VulnerabilityAssessmentRescan($request) );
?>
package main

import (
	"fmt"
	_ "io/ioutil"
	_ "time"
	certcenter "certcenter.com/go"
)

// Set your valid OAuth2 Bearer
// (see https://developers.certcenter.com/docs/authentication)

func init() {
	certcenter.Bearer = "AValidToken.oauth2.certcenter.com"
}

func main() {
	// VulnerabilityAssessmentRescan allows you to initiate a immediate re-assessment
	// https://developers.certcenter.com/v1/reference#vulnerabilityassessmentrescan
	//
	res, _ := certcenter.VulnerabilityAssessmentRescan(&certcenter.VulnerabilityAssessmentRescanRequest{
		CertCenterOrderID: 123456789,
	})
	fmt.Println(res)
	return
}
curl -X GET "https://api.certcenter.com/rest/v1/VulnerabilityAssessmentRescan/123456789" -H "Authorization: Bearer #token#"
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message": "Re-scan has been triggered.",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

This method allows you request an on demand vulnerability assessment scan (available at Symantec Secure Site w/ EV, Symantec Secure Site Wildcard, Symantec Secure Site Pro, Symantec Secure Site Pro w/ EV, Symantec Secure Site Pro Wildcard certificates).

/User

Create a new user and assign the desired rights

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/User
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": ["PROCUREMENT"],
  "Locale": "US/Pacific",
}
res = api.AddUser(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
  "Username" => "userjohndoe",
  "Email" => "john@example.com",
  "FullName" => "John Doe",
  "Password" => "password",
  "Roles" => Array("PROCUREMENT"),
  "Locale" => "US/Pacific",
);
print_r( $api->AddUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.CreateUser(&certcenter.CreateUserRequest{
    certcenter.UserData{
      FullName: "John Doe",
      Email: "john@example.org",
      Username: "johndoes",
      Password: "cOmpL3xx/",
      Roles: []string{"PROCUREMENT"},
      Locale: "en_US",
      Timezone: "US/Pacific",
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/User' \
 -H 'Authorization: Bearer #token#' \
 -d '{
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Locale": "US/Pacific",
  "Roles": [
    "PROCUREMENT"
  ]
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "Id": 292932145,
  "FullName": "John Doe",
  "Username": "userjohndoe",
  "Roles": [
    "PROCUREMENT"
  ]
}

Body Params

FullName
string
required

Complete name or description

Email
string
required

Email address linked to the user

Username
string
required

Username

Password
string
required

Password (has to be compliant to the rules of your organization)

Roles
array of strings
required

Assigned roles

Mobile
string

Cellphone number of the user

Timezone
string

Time zone (e.g. "US/Pacific")

Locale
string

Locale for the user (e.g. "de_DE" oder "en_US")

 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)

/User/:UsernameOrId

Update a particular user

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
  "UserNameOrUserId": "1234567",
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": ["PROCUREMENT"],
}
res = api.UpdateUser(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
  "UserNameOrUserId" => "1234567",
  "Username" => "userjohndoe",
  "Email" => "john@example.com",
  "FullName" => "John Doe",
  "Password" => "password",
  "Roles": Array("PROCUREMENT")
);
print_r( $api->UpdateUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.UpdateUser(&certcenter.UpdateUserRequest{certcenter.UserData{
    UsernameOrUserId: "1234567",
    FullName: "John Doe",
    Email: "john@example.org",
  }})
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/User/1234567' \
 -H 'Authorization: Bearer #token#' \
 -d '{
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": [
    "PROCUREMENT"
  ]
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "Id": 1234567
}

Path Params

UsernameOrId
string
required

Use the username or the unique id of the user

Body Params

FullName
string

Complete name or description

Email
string

Email address linked to the user

Username
string

Username

Password
string

Password (has to be compliant to the rules of your organization)

Roles
array of strings

Assigned roles

Mobile
string

Cellphone number of the user

Timezone
string

Time zone (e.g. "US/Pacific")

Language
string

Language/local for the user (e.g. "de_DE" oder "en_US")

 

To update the user information, you need to HTTP UPDATE the path /User/username with the required rights and submit it via POST just like when you are creating a new user. However, the parameters are optional and not like creating a new user. Please only submit the information that you wish to change. Be aware that the Username cannot be amended.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)

/User/:UsernameOderUserId

Inquire information about a particular user or even all your users

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.GetUser(req={ "UserNameOrUserId": "1234567" })
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "UserNameOrUserId" => "1234567" );
print_r( $api->GetUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetUser(&certcenter.GetUserRequest{
    certcenter.UserData{
      UsernameOrUserId: "1234567",
    }})
  fmt.Println(res)
}
curl 'https://api.certcenter.com/rest/v1/User/1234567' \
 -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

// Multiple User (= UserInfos)
{
 "success" : true,
 "UserInfos" : [{
   "Timezone" : "Europe/Berlin",
   "SpecialProductAvailability" : false,
   "Scope" : "UI",
   "Id" : 1234567,
   "Active" : true,
   "InsertDate" : 1436814528,
   "Email" : "test@example.com",
   "Language" : "en_US",
   "Roles" : [ "ADMINISTRATOR" ],
   "TwoFactorEnabled" : true,
   "FullName" : "Doe, John",
   "Username" : "johndoe",
   "LastUpdateDate" : 1461537556,
   "LastPasswordChangeDate" : 1461503235
  },
  {..},
  {..}
 ]
}
{
   "UserInfo" : {
      "Timezone" : "Europe/Berlin",
      "SpecialProductAvailability" : false,
      "Scope" : "UI",
      "Id" : 4338928,
      "Active" : true,
      "InsertDate" : 1436814528,
      "Email" : "test@example.com",
      "Language" : "en_US",
      "Roles" : [ "ADMINISTRATOR" ],
      "TwoFactorEnabled" : true,
	  "FullName" : "Doe, John",
	  "Username" : "johndoe",
      "LastUpdateDate" : 1461537556,
      "LastPasswordChangeDate" : 1461503235
   },
   "success" : true
}

Path Params

UsernameOrId
string
required

Optional user indication - Leave blank to get information about all you users.

 

To list all of your users you need to perform a simple GET-Request from the resource. Please use /User to list all users of your organization and /User/johndoe to list a specific user of your organization (please see the sample below).

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • UserInfos - Array of the type UserInfo
  • UserInfo - Structure with the information to the user
  • UserInfo.Id - Specific ID of the user
  • UserInfo.Username - Username
  • UserInfo.FullName - Complete name or description
  • UserInfo.Email - E-mail address
  • UserInfo.Mobile - Cellphone number
  • UserInfo.Scope - Area the user is able to access
  • UserInfo.Active - User active? Possible values: true/false (boolean)
  • UserInfo.Roles - Set roles (Details to the roles)
  • UserInfo.Timezone - Timezone (e.g. "US/Pacific")
  • UserInfo.Locale - Language/local for the user (e.g. "de_DE" or "en_US")
  • UserInfo.SpecialProductAvailability - Products that the user can order (if the correct rights UserInfo.Roles are set for this user)
  • UserInfo.TwoFactorEnabled - Two-factor authentication active? Possible Values: true/false (boolean)
  • UserInfo.InsertDate - Time of creation (Timestamp in UTC)
  • UserInfo.LastUpdateDate - Last Update (Timestamp in UTC)
  • UserInfo.LastPasswordChangeDate - Last Password update (Timestamp in UTC)

/User/:UsernameOrId

Deleting a particular user

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.DeleteUser(req={ "UserNameOrUserId": "userjohndoe" })
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "UserNameOrUserId" => "userjohndoe" );
print_r( $api->UpdateUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.DeleteUser(&certcenter.DeleteUserRequest{
    UsernameOrUserId: "1234567",
  })
  fmt.Println(res)
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/User/userjohndoe' -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "Id": 1234567,
  "UserNameOrUserId": "userjohndoe"
}

Path Params

UsernameOrId
string
required

Use the username or the unique id of the user

 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Id - Unique ID of the user
  • UserNameOrUserId - Submitted username or unique id

/Customer

Get all sub-customers

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Customer
curl 'https://api.certcenter.com/rest/v1/Customer' \
  -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
   "results" : 2,
   "CustomerInfos" : [
      {
         "DoingBusinessAs" : "",
         "Phone" : "+49 69 123456789",
         "City" : "Frankfurt",
         "Id" : 19222763,
         "UpdateDate" : "2017-10-20T11:33:20Z",
         "InsertDate" : "2015-12-07T10:29:22Z",
         "DisplayPricing" : true,
         "Website" : "",
         "Country" : "DE",
         "Email" : "reseller@example.com",
         "Address" : "Frankfurter Str. 821",
         "Fax" : "",
         "PrimaryContact" : {
            "LastName" : "Max",
            "FirstName" : "Mustermann"
         },
         "OrganizationName" : "ACME GmbH",
         "Reference" : null,
         "ProductAvailability" : [
            "QuickSSLPremium",
            "RapidSSL",
            "RapidSSLWildcard",
            "TrueBusinessID",
            "TrueBusinessIDWildcard",
            "TrueBusinessIDEV",
            "SecureSite",
            "SecureSitePro",
            "SecureSiteEV",
            "SecureSiteProEV",
            "SSLWebServer",
            "SSL123",
            "SSLWebServerWildcard",
            "SSLWebServerEV",
            "Malwarescan",
            "Malwarebasic",
            "TrustSealOrg",
            "SecureSiteWildcard",
            "VeriSignCSC",
            "ThawteCSC",
            "DomainSSL",
            "DomainSSLWildcard",
            "AlphaSSL",
            "AlphaSSLWildcard",
            "ExtendedSSL",
            "OrganizationSSL",
            "OrganizationSSLWildcard",
            "PersonalSign1",
            "PersonalSign2",
            "PersonalSign2Pro",
            "PersonalSign2Dept",
            "SecureSiteProWildcard",
            "QuickSSLPremiumWildcard",
            "SSL123Wildcard"
         ],
         "Locale" : "de_DE",
         "Zip" : "36049"
      },
      {..}
   ],
   "success" : true
}
 

/Customer/:CustomerID

Get all sub-customers

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Customer/CustomerID
curl 'https://api.certcenter.com/rest/v1/Customer/19222763' \
  -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
   "results" : 1,
   "CustomerInfo" : 
  {
	 "DoingBusinessAs" : "",
	 "Phone" : "+49 69 123456789",
	 "City" : "Frankfurt",
	 "Id" : 19222763,
	 "UpdateDate" : "2017-10-20T11:33:20Z",
	 "InsertDate" : "2015-12-07T10:29:22Z",
	 "DisplayPricing" : true,
	 "Website" : "",
	 "Country" : "DE",
	 "Email" : "reseller@example.com",
	 "Address" : "Frankfurter Str. 821",
	 "Fax" : "",
	 "PrimaryContact" : {
		"LastName" : "Max",
		"FirstName" : "Mustermann"
	 },
	 "OrganizationName" : "ACME GmbH",
	 "Reference" : null,
	 "ProductAvailability" : [
		"QuickSSLPremium",
		"RapidSSL",
		"RapidSSLWildcard",
		"TrueBusinessID",
		"TrueBusinessIDWildcard",
		"TrueBusinessIDEV",
		"SecureSite",
		"SecureSitePro",
		"SecureSiteEV",
		"SecureSiteProEV",
		"SSLWebServer",
		"SSL123",
		"SSLWebServerWildcard",
		"SSLWebServerEV",
		"Malwarescan",
		"Malwarebasic",
		"TrustSealOrg",
		"SecureSiteWildcard",
		"VeriSignCSC",
		"ThawteCSC",
		"DomainSSL",
		"DomainSSLWildcard",
		"AlphaSSL",
		"AlphaSSLWildcard",
		"ExtendedSSL",
		"OrganizationSSL",
		"OrganizationSSLWildcard",
		"PersonalSign1",
		"PersonalSign2",
		"PersonalSign2Pro",
		"PersonalSign2Dept",
		"SecureSiteProWildcard",
		"QuickSSLPremiumWildcard",
		"SSL123Wildcard"
	 ],
	 "Locale" : "de_DE",
	 "Zip" : "36049"
  },
   "success" : true
}

Path Params

CustomerID
int32
required

Id of the customer

 

/Voucher

Order a new voucher

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Voucher
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.CreateVoucher(&certcenter.CreateVoucherRequest{
    OrderParameters:certcenter.OrderParameters{
      ProductCode: "Thawte.SSL123",
      PartnerOrderID: "My voucher order id (optional)",
      ServerCount: 1,
      SubjectAltNameCount: 0,
      ValidityPeriod: 12,
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/Voucher' \
-H 'Authorization: Bearer #token#' \
-d '{ 
 "OrderParameters": {
  "ProductCode": "Thawte.SSL123",
  "PartnerOrderID": "My voucher order id (optional)",
  "ServerCount": 1,
  "SubjectAltNameCount": 0,
  "ValidityPeriod": 12
 }
}'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "VoucherCode" : "LBTJQTLPSJIQ",
  "OrderParameters" : {
    "Price" : 123,
    "Currency" : "EUR",
    "ValidityPeriod" : 12,
    "ServerCount" : 0,
    "PartnerOrderID" : "My voucher order id (optional)",
    "SubjectAltNameCount" : 0,
    "ProductCode" : "Thawte.SSL123"
  },
  "success" : true
}

Body Params

OrderParameters
object
required
 
OrderParameters.ProductCode
string
required

Valid ProductCode

OrderParameters.PartnerOrderID
string

Optional partner order id

OrderParameters.ServerCount
string
required

Number of server licenses

OrderParameters.SubjectAltNameCount
string
required

Number of (NON-wildcard) SAN hosts (without the common name)

OrderParameters.ValidityPeriod
string
required

Number of months (24 or 12)

 

A VoucherCode can be used to create a certificate order without corresponding product types, validity periods, etc. and without further authentication or payments. Useful, e.g., for the custom build, external modules. Eg. WHMCS with cPanel or Plesk's token method. You can also redeem the VoucherCode directly through the CertCenter REST API.

Response Attributes

  • VoucherCode - The generated code you'll need to redeem the voucher
  • OrderParameters.Price - The amount you're paid for after redemption
  • OrderParameters.Currency
  • OrderParameters.ValidtyPeriod - Certificates period of validty
  • OrderParameters.ServerCount - Number of server licenses
  • OrderParameters.PartnerOrderID - Your individual partner order id
  • OrderParameters.SubjectAltNameCount - Number of SAN hosts
  • OrderParameters.ProductCode - Product code

Charging for vouchers

CertCenter won't charge you for generated voucher codes, but for redeemed certificates. Though, please keep in mind that to create coupons may decrease your limits, respectively.

/Redeem

Redeem a particular VoucherCode

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Redeem
package main

import (
  "fmt"
  "io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
  // You don't need to be authenticated to redeem a voucher
  certcenter.Bearer = "#token#"
  csr, _ := ioutil.ReadFile("csr")
  fmt.Println(string(csr))
  res, _ := certcenter.RedeemVoucher(&certcenter.RedeemVoucherRequest{
    VoucherCode: "JDX1UBDC6AA1",
    // You don't need OrganizationInfo on DV orders, except for SSL123.
    OrganizationInfo: &certcenter.OrganizationInfo{
      OrganizationName: "Acme LLC",
      OrganizationAddress: &certcenter.OrganizationAddress{
        AddressLine1: "40 5th Ave",
        Region: "NY",
        PostalCode: "12012",
        Country: "US",
        City: "NY",
        Phone: "+1 121 444444",
      },
    },
    OrderParameters: &certcenter.OrderParameters{
      ProductCode: "Thawte.SSL123",
      CSR: string(csr),
      ValidityPeriod: 12,
      DVAuthMethod: "EMAIL",
      ServerCount: 1,
      // Needs to be a valid approver email address.
      // Inquire valid addresses via /ApproverEmail
      ApproverEmail:"postmaster@example.com",
      SignatureHashAlgorithm: "SHA256-FULL-CHAIN",
    },
    AdminContact: &certcenter.Contact{
      FirstName: "John",
      LastName: "Doe",
      Title: "CEO",
      Phone: "+1 212 999 999",
      Email: "john.doe@example.com",
    },
    TechContact: &certcenter.Contact{
      FirstName: "John",
      LastName: "Doe",
      Title: "CEO",
      Phone: "+1 212 999 999",
      Email: "john.doe@example.com",
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/Redeem' \
 -d '{ 
  "VoucherCode": "KZ61T1JPUK7S",
  "OrderParameters": {
   "ProductCode": "Thawte.SSL123",
   "CSR": "#csr#",
   "ServerCount": 1,
   "ValidityPeriod": 12,
   "ApproverEmail": "domains@certcenter.com",
  },
  "OrganizationInfo": {
  	"OrganizationName": "Acme LLC",
  	"OrganizationAddress": {
  		"AddressLine1": "40 5th Ave",
  		"Region": "NY",
  		"PostalCode": "12012",
  		"Country": "US",
  		"City": "NY",
  		"Phone": "+1 121 444444",
  	},
  },
  "AdminContact": {
  	"FirstName": "John",
  	"LastName": "Doe",
  	"Title": "CEO",
  	"Phone": "+1 212 999 999",
  	"Email": "john.doe@example.com",
  },
  "TechContact": {
  	"FirstName": "John",
  	"LastName": "Doe",
  	"Title": "CEO",
  	"Phone": "+1 212 999 999",
  	"Email": "john.doe@example.com",
  },
 }'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "success": true,
  "Timestamp": "2016-12-31T23:59:59Z",
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "ProductCode": "Thawte.SSL123",
    "ServerCount": 0,
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN",
    "SubjectAltNameCount": 0,
    "ValidityPeriod": 12
  }
}

Body Params

VoucherCode
string
required

Voucher to redeem

OrganizationInfo
object
 
OrganizationInfo.OrganizationAddress
object
 
OrderParameters
object
required
 
OrderParameters.ProductCode
string
required

Valid Product Code (e.g. GeoTrust.TrueBusinessID)

OrderParameters.PartnerOrderID
string

You may specify a value for your own reference

OrderParameters.ValidityPeriod
integer
required

Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).

OrderParameters.CSR
string
required

PEM encoded Certificate Signing Request (PKCS#10)

OrderParameters.ServerCount
integer

Number of server licenses (default: 1), Mandatory for products with license based pricing (e.g. Symantec Secure Site)

OrderParameters.DVAuthMethod
string

Possible values: EMAIL, DNS, FILE. (default: EMAIL)

OrderParameters.SubjectAltNames
array of strings

Array of SAN hosts (available for products with SAN feature)

OrderParameters.InstallationService
boolean

True if you want CertCenter to configure the (customer's) web server (plus 89€)

OrderParameters.ExpediteIssuance
boolean

True if you want to expedite issuance time for OV/EV orders (plus 29€) [Only available for Comodo products]

OrderParameters.ApproverEmail
string

Email Address which should be used to validate a DV order

OrderParameters.SignatureHashAlgorithm
string

Desired Signature Hash Algorighm

OrderParameters.IsRenewal
boolean

Indicates whether this order is a renewal or a new order

OrderParameters.IsCompetitiveUpgrade
boolean

Indicates whether this order is a competitive updated (from CAs POV) or not

OrderParameters.DomainApprovers
object

Domain Control Validation information (if you want to use email based DCV)

 
AdminContact
object
required
 
AdminContact.FirstName
string
AdminContact.LastName
string
AdminContact.Phone
string
AdminContact.Fax
string
AdminContact.Email
string
AdminContact.OrganizationName
string
AdminContact.OrganizationAddress
string
TechContact
object
required
 
TechContact.FirstName
string
TechContact.LastName
string
TechContact.Phone
string
TechContact.Fax
string
TechContact.Email
string
TechContact.OrganizationName
string
TechContact.OrganizationAddress
string
 

The Redeem-method is very similar to the /Order method, except that you'll need to provide a valid VoucherCode and no authentication. Please note that the ProductCode needs to match the ProductCode which has been used while ordering the VoucherCode through /Voucher.

/Vouchers

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Vouchers
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Vouchers()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->Vouchers() );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetVouchers()
  fmt.Println(res.Vouchers[0].OrderParameters)
}
curl 'https://api.certcenter.com/rest/v1/Vouchers' -H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Vouchers": [
    {
      "CreationDate": "2017-01-01T00:00:00Z",
      "OrderParameters": {
        "Currency": "EUR",
        "Price": 123,
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
      "Redeemed": false,
      "VoucherCode": "0L8AVQ4TTHTN"
    },
  ],
  "success": true
}
 

Retrieve all your VoucherCodes and related information about your Voucher orders. Use /Voucher/:VoucherCode to only retrieve the information for a particular voucher.

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.Redeemed - Indicates whether the voucher has already been redeemed. Possible values: true/false (boolean)
  • Vouchers.CreationDate - The creation date of the voucher
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.Price - Your base price of this order
  • Vouchers.OrderParameters.Currency - The associated currency
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Voucher/:VoucherCode

Fetch information for a VoucherCode

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Voucher/VoucherCode
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.GetVoucher("0L8AVQ5TTHTN")
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->GetVoucher("0L8AVQ5TTHTN") );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetVoucher("0L8AVQ5TTHTN")
  fmt.Println(res.Vouchers[0].OrderParameters)
}
curl 'https://api.certcenter.com/rest/v1/Voucher/0L8AVQ5TTHTN' \
-H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Vouchers": [
    {
      "CreationDate": "2017-01-01T00:00:00Z",
      "OrderParameters": {
        "Currency": "EUR",
        "Price": 123,
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
      "Redeemed": false,
      "VoucherCode": "0L8AVQ5TTHTN"
    },
  ],
  "success": true
}

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

Retrieve a particular VoucherCode and related information about your order.

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.Redeemed - Indicates whether the voucher has already been redeemed. Possible values: true/false (boolean)
  • Vouchers.CreationDate - The creation date of the voucher
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.Price - Your base price of this order
  • Vouchers.OrderParameters.Currency - The associated currency
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Voucher/:VoucherCode

Invalidate a particular VoucherCode

 

OAuth2 Auth

Bearer
 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Voucher/VoucherCode
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.DeleteVoucher("JDX1UBDC6AA1")
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->DeleteVoucher("JDX1UBDC6AA1") );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.DeleteVoucher("JDX1UBDC6AA1")
  fmt.Println(res)
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/Voucher/JDX1UBDC6AA1' \
-H 'Authorization: Bearer #token#'
A binary file was returned

Your OAuth2 token is incorrect or has expired

{
  "Message" : "Voucher JDX1UBDC6AA1 has been voided!",
  "success" : true
}
{
  "Message": "VoucherCode does not exist or has already been redeemed",
  "ErrorId": 403,
  "success": false
}

Path Params

VoucherCode
string
required

The VoucherCode you want to delete

 

Allows you to invalidate a particular voucher.

/Voucher/*/:VoucherCode

Allows a 3rd party to get information about a particular VoucherCode w/o authentication

 
gethttps://api.certcenter.com/rest/v1/Voucher/*/VoucherCode
curl 'https://api.certcenter.com/rest/v1/Voucher/*/0L8AVQ5TTHTN'
A binary file was returned

You couldn't be authenticated

{
  "Vouchers": [
    {
      "OrderParameters": {
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
    },
  ],
  "success": true
}
// Occures if a voucher does not exists,
// has been voided or already redeemed.
{
  "Message": "VoucherToken invalid",
  "ErrorId": -2011,
  "success": false
}

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

Retrieve a particular VoucherCode and related information about your order. This method is very similar to /Voucher/:VoucherCode, except that it allows anonymous access and the result contains less information (e.g., no price, currency, status).

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Order/*/:VoucherCode

Allows a 3rd party to get information about a particular Order (based on a Voucher) w/o authentication

 
gethttps://api.certcenter.com/rest/v1/Order/*/VoucherCode
curl 'https://api.certcenter.com/rest/v1/Order/*/0L8AVE5TTHTN'
A binary file was returned

You couldn't be authenticated

Try the API to see results

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

This method allows you to get information about a particular Order, initiated by /Redeem. You don't need to be authenticated to call this method because the most 3rd-party apps (like cPanel, Plesk) need order statuses for their voucher-based Orders and they don't have proper authentication information as the authentication and VoucherOrder took place on a different spot (e.g., at WHMCS).

Response Attributes

Please see /Order/:CertCenterOrderID as it behaves the same.