CertCenter Developer Hub

Welcome to the new CertCenter developer hub. You'll find comprehensive guides and documentation to help you start working with CertCenter as quickly as possible, as well as support if you get stuck.

Let's jump right in!

Get Started Reference

/Profile

Retrieve information about your profile

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Profile
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Profile()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Profile() );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, err := certcenter.Profile()
}
curl "https://api.certcenter.com/rest/v1/Profile" -H "Authorization: Bearer #token#"
{
  "AuthType": "OAUTH2",
  "AuthorizationID": 123,
  "Country": "DE",
  "Currency": "EUR",
  "CustomerID": 123456,
  "Locale": "de_DE",
  "OAuth2_Token": "#token#",
  "Scope": "UI",
  "Timezone": "Europe/Berlin"
}
 

Retrieve information regarding the current profile.

Response Attributes

  • Currency - Current currency
  • AuthType - Type of the applied authentication (currently only "OAUTH2" possible)
  • OAuth2_Token - OAuth2 Bearer Token used for the Authentication
  • Country - Country set in your user profile (ISO code, e.g. DE, US, GB, ..)
  • Timezone - Time zone related to your user profile (e.g. "Europe/Berlin")
  • Locale - Local settings (e.g. "de_DE")
  • Scope - API = Pure API-User, UI = Token authorized via CertCenter Extranet
  • AuthorizationID - OAuth2 Bearer Token authorized with specified user with ID
  • CustomerID - User’s Customer ID

/Limit

Retrieve information about your individual limits

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Limit
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Limit()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Limit() );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.Limit()
}
curl "https://api.certcenter.com/rest/v1/Limit" -H "Authorization: Bearer #token#"
{
  "LimitInfo": {
    "Limit": 10000,
    "Used": 4508.35
  },
  "success": true
}
 

Retrieve current information about the individual limit.
Here you can find more general information about your limits.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • LimitInfo.Limit - Credit limit
  • LimitInfo.Used - Currently used

CURRENCIES

Amounts are always in the currency of your account.

/Products

Retrieve valid ProductCodes

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Products
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Products()
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Products() );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.Products()
}
curl "https://api.certcenter.com/rest/v1/Products" -H "Authorization: Bearer #token#"
{
  "Products": [
    "Symantec.SecureSite",
    "Symantec.SecureSitePro",
    "Symantec.SecureSiteEV",
    "Symantec.SecureSiteProEV",
    "Symantec.SecureSiteWildcard",
    {..}
  ],
  "success": true
}
 

This method let you retrieve all valid product codes and corresponding options and properties.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Products - Array of valid ProductCodes (eg. Symantec.SecureSiteEV)

/ProductDetails

Retrieve details on a proper product

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ProductDetails
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ProductDetails(req={"ProductCode":"GlobalSign.ExtendedSSL"})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->ProductDetails(Array("ProductCode"=>"GlobalSign.ExtendedSSL")) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.ProductDetails("GeoTrust.QuickSSLPremium")
}
curl "https://api.certcenter.com/rest/v1/ProductDetails?ProductCode=GlobalSign.ExtendedSSL" -H "Authorization: Bearer #token#"
{
  "ProductDetails": {
    "CA": "GlobalSign",
    "Currency": "EUR",
    "Features": [
      "EV",
      "SAN",
      "ECC"
    ],
    "Licenses": 0,
    "MaxValidityPeriod": 24,
    "Price": 123.45,
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ProductName": "GlobalSign ExtendedSSL",
    "ProductType": "SSL",
    "RefundPeriod": 30,
    "RenewPeriod": 90,
    "SANFeatures": [
      "externalDomains",
      "HostOnlyIncluded"
    ],
    "SANHostPrice": 123,
    "SANMaxHosts": 100,
    "SANPackagePrice": 0,
    "SANPackageSize": 0
  },
  "success": true
}

Query Params

ProductCode
string

Valid ProductCode's are available through /Products

 

This method let you retrieve details about the specified ProductCode, like

  • Product Features
  • Maximum period of validity
  • Base price
  • Included server licenses
  • Product Description
  • Certification Authority (CA)

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ProductDetails.Features - Multiple values are possible. Possible values:
Value
Description

DV

Support for Domain Validation

OV

Support for Organization Validation

EV

Support for Extended Validation

SAN

Support for Subject Alternative Names

WC

Wildcard option (*.example.com)

ECC

Elliptic Curve Cryptography

DSA

Digital Signature Algorithm

DMS

Daily Malware Scan

TS

Trust Seal

WVS

Vulnerability Assessment

RI

Ready Issuance (Pre-Validation)

  • ProductDetails.MaxValidityPeriod - Period of validity in months (at least 12)
  • ProductDetails.RenewPeriod - Remaining time before the expiration of old certificates may be applied to the period of validity of a new certificate
  • ProductDetails.RefundPeriod - Days allotted after the issuance of the certificate where revocation of the certificate can be made free of charge.
  • ProductDetails.Price - Price for the certificate
  • ProductDetails.Currency - Currency
  • ProductDetails.Licenses Number of included licenses (0 = unlimited)
  • ProductDetails.DVAuthMethods - Multiple values are possible. Possible values:
Value
Description

FILE

File-based validation is available

DNS

DNS based validation is available

META

META-Tag validation is available (only GlobalSign products)

EMAIL

EMAIL based validation is available

  • ProductDetails.ProductType - Possible Values:
Value
Description

SSL

SSL/TLS Certificates

CODESIGN

Code Signing Certificates

SMIME

S/MIME Certificates / Digital IDs

TRUSTSEAL

Dynamic Trust Seals without SSL/TLS Certificate

Additional Response Attributes (if the certificate allows SANs):

  • ProductDetails.SANFeatures - Multiple values possible. Possible values:
Value
Description

externalDomains

Additional hostnames possible where the domain can be different to those in the CommonName

equalDomains

Additional hostnames possible, equal to the CommonName

HostOnlyIncluded

APEX-Domain (e.g. "example.com") included in the order if the common name is "www.example.com."

dailyMalwareScan

Daily malware scan, also included for SAN-Hosts

SANPackagePrice

Package price for the initial minimum of SAN-Hosts (currently only for GeoTrust True BusinessID Certificates)

SANPackageSize

SAN package size (included hosts)

SANMaxHosts

Max amount of SANs

SANHostPrice

Price for one additional SAN (For GeoTrust True BusinessID Certificates every SAN after the SAN Package)

CURRENCIES

Amounts are always in the currency of your account.

/Quote

Create a quotation

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Quote
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Quote(req={
	"ProductCode": "GlobalSign.ExtendedSSL",
	"SubjectAltNameCount": 2,
	"ValidityPeriod": 12,
	"ServerCount": 1
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"ProductCode"=>"GlobalSign.ExtendedSSL",
	"SubjectAltNameCount"=>2,
	"ValidityPeriod"=>12,
	"ServerCount"=>1
);
print_r( $api->Quote($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.Quote(&certcenter.QuoteRequest{
		ProductCode: "Symantec.SecureSiteEV",
		SubjectAltNameCount: 0,
		ValidityPeriod: 24,
		ServerCount: 1,
	})
}
curl "https://api.certcenter.com/rest/v1/Quote?ProductCode=GlobalSign.ExtendedSSL&ValidityPeriod=12&ServerCount=1&SubjectAltNameCount=2" -H "Authorization: Bearer #token#"
{
  "Currency": "EUR",
  "OrderParameters": {
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ServerCount": 0,
    "SubjectAltNameCount": 2,
    "ValidityPeriod": 12
  },
  "Price": 123.45,
  "success": true
}

Query Params

ProductCode
string
required

Valid ProductCode

ValidityPeriod
int32
required

Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).

ServerCount
int32
required

Number of server licenses

SubjectAltNameCount
int32
required

Number of (NON-wildcard) SAN hosts

 

This method may be used to determine an exact price before purchase.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Currency - Current currency
  • Price - Total amount for the required product
  • OrderParameters.ProductCode - Requested Product Code
  • OrderParameters.ServerCount - Requested amount of licenses
  • OrderParameters.SubjectAltNameCount - Requested amount of additional SANs
  • OrderParameters.ValidityPeriod - Requested validity period in months

CURRENCIES

Amounts are always in the currency of your account.

/ValidateCSR

Parse and validate a PEM-encoded Certificate Signing Request (PKCS#10)

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ValidateCSR
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ValidateCSR(req={
	"CSR": "#CSR#"
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->ValidateCSR(Array("CSR"=>"#CSR#")) );
?>
package main

import (
  "io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	csr, _ := ioutil.ReadFile("csr.pem")
	res, err := certcenter.ValidateCSR(&certcenter.ValidateCSRRequest{
		CSR: string(csr),
	})

}
curl -X POST 'https://api.certcenter.com/rest/v1/ValidateCSR' \
  -H 'Content-Type: application/json' \
  -d '{ "CSR": "#CSR#" }'
{
  "ParsedCSR": {
    "CommonName": "www.certcenter.de",
    "Country": "DE",
    "Email": "corporate-contact@certcenter.com",
    "KeyEncryptionAlgorithm": "ECC",
    "KeyLength": 256,
    "Locality": "Giessen",
    "Organization": "CertCenter AG",
    "OrganizationUnit": "",
    "SignaturAlgorithm": "ecdsa-with-SHA256",
    "State": "Hessen"
  },
  "success": true
}

Body Params

CSR
string
required

PEM encoded PKCS#10 Certificate Signing Request generated with a RSA (recommended), ECC or DSA key.

 

Use this method to validate and parse the Certificate Signing Requests (CSR) you received from your client.

Response Attributes

  • success - Indicator of success. Possible value: true/false (boolean)
  • ParsedCSR.CommonName - Common name
  • ParsedCSR.Organization - Organization / Company
  • ParsedCSR.OrganizationUnit - Organization unit
  • ParsedCSR.Locality - City
  • ParsedCSR.State - State
  • ParsedCSR.Country - Country
  • ParsedCSR.Email - E-mail address
  • ParsedCSR.SignaturAlgorithm - Applied Signature Hashing Algorithm
  • ParsedCSR.KeyEncryptionAlgorithm - Applied Encryption Algorithm. Possible values: RSA, ECC, DSA
  • ParsedCSR.KeyLength - Key length in bits

/UserAgreement

Get the CAs Subscriber Agreement for the product specified

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/UserAgreement
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.UserAgreement(req={'ProductCode':'GeoTrust.QuickSSLPremium'})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->UserAgreement(Array("ProductCode"=>"GeoTrust.QuickSSLPremium")) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.UserAgreement("GeoTrust.QuickSSLPremium")
}
curl 'https://api.certcenter.com/rest/v1/UserAgreement?ProductCode=GeoTrust.QuickSSLPremium' -H 'Authorization: Bearer #token#'
{
  "success": true,
  "ProductCode": "GeoTrust.QuickSSLPremium",
  "UserAgreement": "SSL Certificate Subscriber Agreement
YOU MUST READ THIS SSL CERTIFICATE SUBSCRIBER AGREEMENT {..}"
}

Query Params

ProductCode
string
required

Valid ProductCode

 

We encourage to display the Certificate Authorities' Subscriber Agreement in your order routine - right ahead of the order button.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ProductCode - Requested Product Code
  • UserAgreement - Terms of Use for the related Product Code

/ApproverList

Request allowed email addresses for domain validation via EMAIL

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ApproverList
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ApproverList(req={
 "CommonName": "www.certcenter.com",
 "ProductCode": "GeoTrust.QuickSSLPremium"
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"CommonName"=> "www.certcenter.com",
	"ProductCode"=> "GeoTrust.QuickSSL"
);
print_r( $api->ApproverList($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, err := certcenter.ApproverList(&certcenter.ApproverListRequest{
		CommonName: "www.example.com",
		ProductCode: "GeoTrust.QuickSSLPremium",
	})
}
curl 'https://api.certcenter.com/rest/v1/ApproverList?CommonName=www.certcenter.de&ProductCode=GlobalSign.DomainSSL' -H 'Authorization: Bearer #token#'
{
  "ApproverList": [
    {
      "ApproverEmail": "domains@certcenter.com",
      "ApproverType": "Domain"
    },
    {
      "ApproverEmail": "admin@certcenter.de",
      "ApproverType": "Generic"
    },
    {
      "ApproverEmail": "administrator@certcenter.de",
      "ApproverType": "Generic"
    },
    {..},
  ],
  "success": true
}

Query Params

CommonName
string
required
ProductCode
string
required
 

To issue domain validated certificates, you need to validate domains ownership either by sending out an email to an address specified by the CA or by checking a special file on a proper web server address. To do email validations, it is necessary to look up qualified email addresses. This method is suitable for exactly this purpose.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • ApproverList[] - Array with possible e-mail addresses
  • ApproverList[].ApproverEmail - E-mail
  • ApproverList[].ApproverType - Possible values: Generic, Manual

ApproverType "Generic"

This approver type refers to the common e-mail address which you can use for your DV order. The customer will receive an e-mail to confirm and release the order.

ApproverType "Manual"

This particular approver type indicates an alternative e-mail address from the CA. The CA will contact the client to validate the e-mail address.

/Order

Submitting an Order

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Order
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "OrganizationInfo": {
  "OrganizationName": "Super Mall, Inc.",
  "OrganizationAddress": {
   "AddressLine1": "5550 E Woodmen Rd",
   "PostalCode": "80920",
   "City": "Colorado Springs",
   "Region": "CO",
   "Country": "US",
   "Phone": "string",
   "Fax": "string",
   "Phone": "+1 719-111-111",
   "Fax": "+1 719-111-112"
  }
 },
 "OrderParameters": {
  "ProductCode": "GlobalSign.OrganizationSSL",
  "IsCompetitiveUpgrade": False,
  "SubjectAltNames": [
   "www.super-mall-inc.net",
   "www.super-mall-inc.de"
  ],
  "PartnerOrderID": "WhatEverYouWant-ItsYourOrderIdentifier",
  "IsRenewal": False,
  "ServerCount": 1,
  "SignatureHashAlgorithm": "SHA256-ECC-HYBRID",
  "CSR": "#CSR#",
  "Email": "domains@super-mall.com",
  "ValidityPeriod": 12
 },
 "AdminContact": {
  "Title": "CIO",
  "FirstName": "John",
  "LastName": "Doe",
  "OrganizationName": "Super Mall, Inc.",
  "OrganizationAddress": {
    "AddressLine1": "5550 E Woodmen Rd",
    "PostalCode": "80920",
    "City": "Colorado Springs",
    "Region": "CO",
    "Country": "US"
  },
  "Phone": "+1 719-111-111",
  "Fax": "+1 719-111-112",
  "Email": "admin@super-mall.com"
 },
}
request['TechContact'] = request['AdminContact']
res = api.Order(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "OrganizationInfo"=>Array(
 "OrganizationName"=>"Super Mall, Inc.",
 "OrganizationAddress"=>Array(
		"AddressLine1"=>"5550 E Woodmen Rd",
		"PostalCode"=>"80920",
		"City"=>"Colorado Springs",
		"Region"=>"CO",
		"Country"=>"US",
		"Phone"=>"string",
		"Fax"=>"string",
		"Phone"=>"+1 719-111-111",
		"Fax"=>"+1 719-111-112"
	)
  ),
  "OrderParameters"=>Array(
    "ProductCode"=>"GlobalSign.OrganizationSSL",
    "IsCompetitiveUpgrade"=>false,
    "SubjectAltNames"=>Array(
      "www.super-mall-inc.net",
      "www.super-mall-inc.de"
    ),
    "PartnerOrderID"=>"WhatEverYouWant-ItsYourOrderIdentifier",
    "IsRenewal"=>false,
    "ServerCount"=>1,
    "SignatureHashAlgorithm"=>"SHA256-ECC-HYBRID",
    "CSR"=>"-----BEGIN CERTIFICATE REQUEST-----
MIIBVTCB/QIBADCBmjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMRkwFwYDVQQH
ExBDb2xvcmFkbyBTcHJpbmdzMRkwFwYDVQQKExBTdXBlciBNYWxsLCBJbmMuMR8w
HQYDVQQDExZ3d3cuc3VwZXItbWFsbC1pbmMuY29tMScwJQYJKoZIhvcNAQkBFhhh
ZG1pbkBzdXBlci1tYWxsLWluYy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
AAT4E1K5QOPD55LbB7x8ydEJhVa69SpScj5at6R1f8HdBckhuXvxJX+XvaLQvA0d
M6aZFEfcPlzoLgmTbtcnUEWloAAwCQYHKoZIzj0EAQNIADBFAiAB0XTEhsle2SNb
A2462JcRYBSAWf4gSRUHpCxCRHm6OQIhAK6rn6B40kh4EdAvuL9BaCQjeU0HHIG9
lj1JDQDKSbBZ
-----END CERTIFICATE REQUEST-----
",
    "Email"=>"domains@super-mall.com",
    "ValidityPeriod"=>12
  ),
  "AdminContact"=>Array(
    "Title"=>"CIO",
    "FirstName"=>"John",
    "LastName"=>"Doe",
    "OrganizationName"=>"Super Mall, Inc.",
    "OrganizationAddress"=>Array(
      "AddressLine1"=>"5550 E Woodmen Rd",
      "PostalCode"=>"80920",
      "City"=>"Colorado Springs",
      "Region"=>"CO",
      "Country"=>"US"
    ),
    "Phone"=>"+1 719-111-111",
    "Fax"=>"+1 719-111-112",
    "Email"=>"admin@super-mall.com"
  ),
);
$request['TechContact'] = $request['AdminContact'];
print_r( $api->Order($request) );
?>
curl -X POST 'https://api.certcenter.com/rest/v1/Order' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "OrderParameters": {
    "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
    "CSR": "#CSR#",
    "ValidityPeriod": 180
  }
}'
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Order(req={
	'OrderParameters': {
		"ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
		"CSR": "#CSR#",
		"ValidityPeriod": 180,
		"DVAuthMethod": "DNS"
	}
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
print_r( $api->Order(Array(
	'OrderParameters' => Array(
		"ProductCode" => "AlwaysOnSSL.AlwaysOnSSL",
		"CSR" => $CSR,
		"ValidityPeriod" => 180,
		"DVAuthMethod" => "DNS"
	)
)) );
?>
package main

import (
	"io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	csr, _ := ioutil.ReadFile("csr")
	res, err := certcenter.Order(&certcenter.OrderRequest{
			OrderParameters: certcenter.OrderParameters{
				ProductCode: "RapidSSL.RapidSSL",
				CSR: string(csr),
				ValidityPeriod: 24,
				ApproverEmail:"domains@certcenter.com",
			},
			AdminContact: certcenter.Contact{
				FirstName: "John",
				LastName: "Doe",
				Phone: "+1 212 999 999",
				Email: "john.doe@example.com",
			},
			TechContact: certcenter.Contact{
				FirstName: "John",
				LastName: "Doe",
				Phone: "+1 212 999 999",
				Email: "john.doe@example.com",
			},
		},
	)
}
curl -X POST 'https://api.certcenter.com/rest/v1/Order' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "OrderParameters": {
    "PartnerOrderID": "UniqueId",
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ValidityPeriod": 12,
    "CSR": "#CSR#",
    "ServerCount": 1,
    "SubjectAltNames": [
      "www.example-bank.net",
      "www.example-bank.com"
    ],
    "IsCompetitiveUpgrade": false,
    "IsRenewal": false
  },
  "OrganizationInfo": {
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE",
      "Fax": "+49 69 1234567891",
      "Phone": "+49 69 1234567890"
    }
  },
  "AdminContact": {
    "Title": "CIO",
    "FirstName": "Max",
    "LastName": "Mustermann",
    "Phone": "+49 69 1234567890",
    "Fax": "+49 69 1234567891",
    "Email": "it@example-bank.de",
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE"
    }
  },
  "TechContact": {
    "Title": "CIO",
    "FirstName": "Max",
    "LastName": "Mustermann",
    "Phone": "+49 69 1234567890",
    "Fax": "+49 69 1234567891",
    "Email": "it@muster-bank.de",
    "OrganizationName": "Muster Bank AG",
    "OrganizationAddress": {
      "AddressLine1": "Friedrich-Ebert-Anlage 49",
      "City": "Frankfurt am Main",
      "PostalCode": "60308",
      "Region": "Hessen",
      "Country": "DE"
    }
  }
}'
{
  "success": true,
  "Timestamp": "2015-12-31T23:59:59Z",
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "IsCompetitiveUpgrade": false,
    "IsRenewal": false,
    "PartnerOrderID": "UniqueId",
    "ProductCode": "GlobalSign.ExtendedSSL",
    "ServerCount": 0,
    "SignatureHashAlgorithm": "SHA256-ECC-HYBRID",
    "SubjectAltNameCount": 2,
    "SubjectAltNames": [
      "www.example-bank.net",
      "www.example-bank.com"
    ],
    "ValidityPeriod": 12
  }
}
{
  "success": true
  "Timestamp": "2016-02-23T12:45:31Z",
  "CertCenterOrderID": 1234567890,
  "Fulfillment": {
    "Certificate": "-----BEGIN CERTIFICATE-----
{..}
-----END CERTIFICATE-----",
    "Certificate_PKCS7": "-----BEGIN PKCS #7 SIGNED DATA-----
{..}
-----END PKCS #7 SIGNED DATA-----",
    "Intermediate": "-----BEGIN CERTIFICATE-----
{..}
-----END CERTIFICATE-----"
  },
  "OrderParameters": {
    "CSR": "-----BEGIN CERTIFICATE REQUEST-----
{...}
-----END CERTIFICATE REQUEST-----",
    "DVAuthMethod": "DNS",
    "PartnerOrderID": "APIR-XYZ123-EXAMPLE",
    "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN",
    "ValidityPeriod": 180
  }
}

Body Params

OrderParameters
object
required
 
AdminContact
object
required
 
TechContact
object
required
 
OrganizationInfo
object

Required for OV/EV order only

 
PartnerOrderID
string

Optional: Partners unique order number

ApproverEmail
string

Required for DV order only. Valid email address of the domain owner. Information is required for Domain Validation via e-mail. Get valid addresses via /ApproverList

IsCompetitiveUpgrade
boolean

Upgrade from a product of a competitor (= free month, no discount)

IsRenewal
boolean

Renewal of a current existing product (= remaining time will be added to the period of validity of the new certificate)

IsUpsell
boolean

Applicable for AlwaysOnSSL certificates only

SignatureHashAlgorithm
string

In relation to the Key Encryption Algorithm (RSA, ECC, DSA) with the related private key, you can choose the desired Signature Hashing Algorithm for your certificate. (valid algorithms are described below)

 

Required Parameters for Certificates with Domain Validation

  • OrderParameters.ProductCode - Valid ProductCode for DV certificates (e.g. GlobalSign.DomainSSL)
  • OrderParameters.ValidityPeriod - Unit is "number of months" on regular ProductCodes (12 or 24) and "number of days" on AlwaysOnSSL products (min: 180, max: 365).
  • OrderParameters.CSR - Valid Certificate Signing Request (CSR) (PEM-encoded PKCS#10). Generated with a RSA-/ECC-/DSA-Key (min. 2048 bit)
  • AdminContact.FirstName - First name of contact person
  • AdminContact.LastName - Last name of contact person
  • AdminContact.Phone - Phone number of contact person
  • AdminContact.Email - E-mail address of contact person
  • TechContact.FirstName - First name of contact person
  • TechContact.LastName - Last name of contact person
  • TechContact.Phone - Phone number of contact person
  • TechContact.Email - E-mail address of contact person

Additional required parameters for Organization-Validated certificates

  • OrderParameters.ServerCount - For certificates from Symantec
  • AdminContact.OrganizationName - For certificates from Symantec
  • AdminContact.OrganizationAddress - For certificates from Symantec
  • AdminContact.OrganizationAddress.AddressLine1 - Address
  • AdminContact.OrganizationAddress.PostalCode - Area Code
  • AdminContact.OrganizationAddress.City - City
  • AdminContact.OrganizationAddress.Region - State
  • AdminContact.OrganizationAddress.Country - ISO country code
  • AdminContact.Title - Title of contact person (z.B. CIO)
  • AdminContact.Fax - Fax number of contact person
  • TechContact.OrganizationName - For certificates from Symantec
  • TechContact.OrganizationAddress - For certificates from Symantec
  • TechContact.OrganizationAddress.AddressLine1 - Address
  • TechContact.OrganizationAddress.PostalCode - Area Code
  • TechContact.OrganizationAddress.City - City
  • TechContact.OrganizationAddress.Region - State
  • TechContact.OrganizationAddress.Country - ISO country code
  • TechContact.Title - Title of contact person (z.B. CIO)
  • TechContact.Fax - Fax number of contact person
  • OrganizationInfo.OrganizationName - Name of Organization/Company
  • OrganizationInfo.OrganizationAddress
  • OrganizationInfo.OrganizationAddress.AddressLine1 - Address
  • OrganizationInfo.OrganizationAddress.PostalCode - Area Code
  • OrganizationInfo.OrganizationAddress.City - City
  • OrganizationInfo.OrganizationAddress.Region - State
  • OrganizationInfo.OrganizationAddress.Country - ISO country code
  • OrganizationInfo.OrganizationAddress.Phone - Phone number

Optional Parameters

  • PartnerOrderID - Partner Order number
  • OrderParameters.DVAuthMethod - Possible values: EMAIL, DNS, FILE (default: EMAIL)
Value
Description

EMAIL

Domain Validation will be carried out via E-Mail (Standard)

DNS

Domain Validation will be carried out via DNS-Entry

FILE

Domain Validation will be carried out via File-Auth

  • OrderParameters.SubjectAltNames - Additional Hostnames, comma seperated (Subject Alternative Names)
  • ApproverEmail - Valid e-mail of the domain owner. Information is required for Domain Validation via e-mail.
  • IsCompetitiveUpgrade - Upgrade from a product of a competitor (= free month, no discount)
  • IsRenewal - Renewal of a current existing product (= remaining time will be accounted to the period of validity of the new certificate)
  • IsUpsell - ONLY for the upgrade from AlwaysOnSSL Certificates to other products. (Attention: the correct submission of the order and the related values might be part of your active hosting partner contract).
  • SignatureHashAlgorithm - In relation to the Key Encryption Algorithm (RSA, ECC, DSA) with the related private key, you can choose the desired Signature Hashing Algorithm for your certificate:
Value
Description

SHA256-FULL-CHAIN

Standard & recommended for RSA: SHA256-bit RSA Server Certificate with RSA SHA256-bit Intermediate and SHA256-bit RSA root

SHA256-ECC-HYBRID

Standard & recommended for ECC: SHA256-bit ECC Server Certificate with ECC SHA256-bit Intermediate and SHA256-bit RSA root (=highest compatibility to the devices without affecting the security)

SHA2-256

Only Symantec, Thawte, GeoTrust, RapidSSL: SHA256-bit RSA Server-Certificate with RSA SHA256-bit Intermediate and SHA-1 RSA root

SHA256-ECC-FULL

Only Symantec: SHA256-bit ECC Server Certificate with full ECC chain and ECC root

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Errors - Should this situation arise - Error structure (see handling Errors)
  • Timestamp - Timestamp in UTC
  • CertCenterOrderID - >0 (integer), if successful, otherwise 0
  • OrderParameters
  • OrderParameters.CSR - CSR from the order
  • OrderParameters.IsCompetitiveUpgrade - Is the order a competitive upgrade? Possible values: true/false (boolean)
  • OrderParameters.IsRenewal - Is it a renewal? Possible values: true/false (boolean)
  • OrderParameters.IsUpsell - Upgrade from AlwaysOnSSL to another Product? Possible values: true/false (boolean)
  • OrderParameters.PartnerOrderID - Partner- OrderID. If not transmitted, it will be generated automatically
  • OrderParameters.ProductCode - Transmitted Product Code
  • OrderParameters.ServerCount - Amount of server licenses
  • OrderParameters.SignatureHashAlgorithm - Signature Hash Algorithmus
  • OrderParameters.SubjectAltNameCount - Amount of SANs
  • OrderParameters.SubjectAltNames - Transmitted SANs
  • OrderParameters.ValidityPeriod - Validity period
  • OrderParameters.DNSAuthDetails - Information for the validation via DNS (DVAuthMethod DNS)
  • OrderParameters.DNSAuthDetails.PointerType - Possible value: TXT
  • OrderParameters.DNSAuthDetails.DNSEntry - DNS-Entry to be created (e.g. example.com.)
  • OrderParameters.DNSAuthDetails.DNSValue - Value for DNS-Entry "DNS-Entry" (e.g. "20160218214448")
  • OrderParameters.FileAuthDetails - Information for the validation via file auth (DVAuthMethod FILE)
  • OrderParameters.FileAuthDetails.FileName - File name
  • OrderParameters.FileAuthDetails.FilePath - File path
  • OrderParameters.FileAuthDetails.FileContents - Content of the File

/ApproverEmail/:CertCenterOrderID

Changing a approvers email address

 

OAuth2 Auth

 Authentication is required for this endpoint.
puthttps://api.certcenter.com/rest/v1/ApproverEmail/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.UpdateApproverEmail(req={
 'CertCenterOrderID': 1234567890,
 'ApproverEmail': 'admin@exmaple.com'
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890,
 "ApproverEmail" => "admin@exmaple.com"
);
print_r( $api->UpdateApproverEmail($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.PutApproverEmail(&certcenter.PutApproverEmailRequest{
		CertCenterOrderID: 123456789,
		ApproverEmail: "valid-approver@example.com",
	})
	fmt.Println(res)
}
curl -X PUT "https://api.certcenter.com/rest/v1/ApproverEmail/123456789?ApproverEmail=neue@adresse.com" -H "Authorization: Bearer #token#"
{
  "Message": "ApproverEmail successfully changed",
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Query Params

ApproverEmail
string
required

Valid email addresses for approvers can be inquired by using /ApproverList

 

You can use the PUT ApproverEmail Method to change the approver e-mail in an order with Domain Validation if the order is not yet completed.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/ApproverEmail/:CertCenterOrderID

Resend verification email to approvers email address

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ApproverEmail/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ResendApproverEmail(req={
 'CertCenterOrderID': 123456789,
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "CertCenterOrderID" => 123456789 );
print_r( $api->ResendApproverEmail($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.ResendApproverEmail(&certcenter.ResendApproverEmailRequest{
		CertCenterOrderID: 123456789,
	})
	fmt.Println(res)
}
curl -X POST "https://api.certcenter.com/rest/v1/ApproverEmail/123456789" -H "Authorization: Bearer #token#"
{
  "Message": "Validation email resent successfully",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/Orders

Query orders

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Orders
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Orders(req={
 'Status': 'COMPLETE',
 'ProductType': 'SSL',
 'CommonName': '*.%',
 'Page': 1,
 'ItemsPerPage': 1000,
 'OrderBy': 'ID',
 'OrderDir': 'DESC',
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"Status"=> "COMPLETE",
	"ProductType"=> "SSL",
	"CommonName"=> "*.%",
	"Page"=> 1,
	"ItemsPerPage"=> 1000,
	"OrderBy"=> "ID",
	"OrderDir"=> "DESC",
	"includeFulfillment"=> false,
	"includeOrderParameters"=> false,
	"includeBillingDetails"=> false,
	"includeContacts"=> false,
	"includeOrganizationInfos"=> false
);
print_r( $api->Orders($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetOrders(&certcenter.GetOrdersRequest{
    Status: "COMPLETE", // COMPLETE, PENDING, CANCELLED, REVOKED
    ProductType: "SSL", // SSL, CODESIGN, SMIME, TRUSTSEAL
    CommonName: "%",
    IncludeFulfillment: true,
    IncludeOrderParameters: true,
    IncludeBillingDetails: true,
    IncludeContacts: true,
    IncludeOrganizationInfos: true,
  })
  fmt.Println(res)
}
curl "https://api.certcenter.com/rest/v1/Orders?Status=COMPLETE&\
ProductType=SSL&\
CommonName=www.certcenter.com&\
includeFulfillment=true&\
includeOrderParameters=true&\
includeBillingDetails=true&\
includeContacts=true&\
includeOrganizationInfos=true" \
  -H "Authorization: Bearer #token#"
{
  "OrderInfos": [
    {
      "BillingInfo": {
        "Currency": "EUR",
        "Price": 1234.56,
        "Status": "uncleared"
      },
      "CertCenterOrderID": 1234567890,
      "CommonName": "www.certcenter.com",
      "ConfigurationAssessment": {
        "CriteriaVersion": "2009k",
        "Effective": "2015-11-22T16:40:57Z",
        "Engine": "ssllabs/1.20.28",
        "Ranking": "A+"
      },
      "ContactInfo": {
        "AdminContact": {
          "Email": "vorname.nachname@certcenter.com",
          "FirstName": "Vorname",
          "LastName": "Nachname",
          "OrganizationAddress": {
            "AddressLine1": "Bleichstrasse 8",
            "City": "Giessen",
            "Country": "DE",
            "PostalCode": "35390",
            "Region": "Hessen"
          },
          "OrganizationName": "CertCenter AG",
          "Phone": "0641 80899520",
          "Title": "CIO"
        },
        "TechContact": {
          "Email": "vorname.nachname@certcenter.com",
          "FirstName": "Vorname",
          "LastName": "Nachname",
          "OrganizationAddress": {
            "AddressLine1": "Bleichstrasse 8",
            "City": "Giessen",
            "Country": "DE",
            "PostalCode": "35390",
            "Region": "Hessen"
          },
          "OrganizationName": "CertCenter AG",
          "Phone": "0641 80899520",
          "Title": "CIO"
        }
      },
      "Fulfillment": {
        "CSR": "< CSR >",
        "Certificate": "< Certificate >",
        "DownloadLinks": {
          "Certificate": "https://cert.sh/< Hash >/cert",
          "Intermediate": "https://cert.sh/< Hash >/chain",
          "PKCS7": "https://cert.sh/< Hash >/pkcs7"
        },
        "EndDate": "2016-05-10T22:59:59Z",
        "Intermediate": "< Intermediate >",
        "StartDate": "2015-03-12T00:00:00Z"
      },
      "OrderParameters": {
        "PartnerOrderID": "UI-b4156a48aa7480cab6e4ca0xxxxxxxxx",
        "ProductCode": "Symantec.SecureSite",
        "ServerCount": 1,
        "SubjectAltNames": [
          "certcenter.com"
        ],
        "ValidityPeriod": 12
      },
      "OrderStatus": {
        "OrderDate": "2015-03-11T13:20:14Z",
        "UpdateDate": "2015-11-19T18:25:03Z"
        "MajorStatus": "COMPLETE",
        "MinorStatus": "COMPLETED",
        "Progress": 100,
        "StartDate": "2015-03-12T00:00:00Z",
        "EndDate": "2016-05-10T22:59:59Z",
      },
      "OrganizationInfo": {
        "OrganizationAddress": {
          "AddressLine1": "Bleichstrasse 8",
          "City": "Giessen",
          "Country": "DE",
          "Fax": "0641 80899521",
          "Phone": "0641 80899520",
          "PostalCode": "35390",
          "Region": "Hessen"
        },
        "OrganizationName": "CertCenter AG"
      }
    },
  ],
  "_meta": {
    "CommonName": "www.certcenter.com",
    "ItemsAvailable": 1,
    "ItemsPerPage": 10,
    "OrderBy": "ID",
    "OrderDir": "DESC",
    "Page": 1,
    "ProductType": [
      "SSL"
    ],
    "Status": [
      "COMPLETE"
    ]
  },
  "success": true
}

Query Params

Status
string

Filter with the current status. Possible values: COMPLETE, PENDING. Also possible in combination with the status e.g. &Status=COMPLETE, PENDING

ProductType
string

Product Type filter. Possible values: SSL, SMIME, CODESIGN, TRUSTSEAL. Also possible in combination with e.g. &ProductType=SSL, SMIME

CommonName
string

Filter set for the common name. Wildcard values are possible (e.g. "%.certcenter.%") ItemsPerPage - Maximum amount of orders on each page. Standard: 10

Page
int32

Current page. Standard: 1

ItemsPerPage
int32
OrderBy
string

Sorted and listed by these possible columns (comma sparated): ID (CertCenterOrderID), PRODUCT_CODE (ProductCode), TS_VALIDITY_START (period of validity start), TS_VALIDITY_ENDE (end of the validity period)

OrderDir
string

Sort sequence by listing (ASC=Ascending, DESC=descending)

includeFulfillment
boolean

Output should (if applicable) contain Server and Intermediate Certificate.

includeOrderParameters
boolean

Output should include original order details

includeBillingDetails
boolean

Output should include billing details

includeContacts
boolean

Output should include contacts from the certificate

includeOrganizationInfos
boolean

Output should include (if available) the data from the organization

 

Filters are optional. If no Filter is set, no preselection will be made.

Additional Attributes (if includeFulfillment is true)

  • OrderInfos[].Fulfillment - The Fulfillment Structure contains information about the product delivery
  • OrderInfos[].Fulfillment.CSR - Original Certificate Signing Request (CSR), which was used to create the certificate
  • OrderInfos[].Fulfillment.Intermediate - The correct Intermediate for your Certificate to complete the certificate chain
  • OrderInfos[].Fulfillment.Certificate - Includes the server certificate (End-Leaf-Certificate)
  • OrderInfos[].Fulfillment.IconScript - Site seal (if available)
  • OrderInfos[].Fulfillment.StartDate - Certificate is not valid until
  • OrderInfos[].Fulfillment.EndDate - Certificate is not valid after
  • OrderInfos[].Fulfillment.DownloadLinks - Contains an anonym link to download the fulfillment Data
  • OrderInfos[].Fulfillment.DownloadLinks.Certificate - Download link for server certificate (PEM)
  • OrderInfos[].Fulfillment.DownloadLinks.Intermediate - Download link for intermediate (PEM)
  • OrderInfos[].Fulfillment.DownloadLinks.PKCS7 - Download link for server certificate and intermediate as PKCS7-Bundle
  • OrderInfos[].Fulfillment.DownloadLinks.IconScript - Download-Link for Site-Seal (if available)

The OrderInfos[].Fulfillment-Data is only available on completed orders and dependent to the product type.

Additional Attributes (If includeOrderParameters is true)

  • OrderInfos[].OrderParameters - Contains basic information of the order
  • OrderInfos[].OrderParameters.PartnerOrderID - Unique Partner OrderID (or automatically generated)
  • OrderInfos[].OrderParameters.ProductCode - Product Code
  • OrderInfos[].OrderParameters.ServerCount - Amount of licenses, 0 for unlimited
  • OrderInfos[].OrderParameters.ValidityPeriod - Period of validity in months
  • OrderInfos[].OrderParameters.SubjectAltNames[] - Subject Alternative Names (Array), if included
  • OrderInfos[].OrderParameters.DVAuthMethod - Only for DV certificates. Possible values: EMAIL, DNS,** - META (deprecated), FILE
  • OrderInfos[].OrderParameters.DNSAuthDetails - Only for DV certificates with DNS validation
  • OrderInfos[].OrderParameters.DNSAuthDetails.DNSEntry - Hostname of the TXT entry
  • OrderInfos[].OrderParameters.DNSAuthDetails.DNSValue - Target-Hostname of the TXT entry
  • OrderInfos[].OrderParameters.FileAuthDetails - Only for DV certificates with File validation
  • OrderInfos[].OrderParameters.FileAuthDetails.FileName - Name of the file, which need to create
  • OrderInfos[].OrderParameters.FileAuthDetails.FilePath - Relative path
  • OrderInfos[].OrderParameters.FileAuthDetails.FileContents - Content of the File
  • OrderInfos[].OrderParameters.FileAuthDetails.PollStatus - current status of the last check
  • OrderInfos[].OrderParameters.FileAuthDetails.LastPollDate - last check for the existence of the file
  • OrderInfos[].OrderParameters.EmailAuthDetails - Only for DV certificates with validation via EMAIL
  • OrderInfos[].OrderParameters.EmailAuthDetails.ApproverMail - E-mail address of the contact person for the validation
  • OrderInfos[].OrderParameters.MetaAuthDetails.* (deprecated) - Only for DV certificates with META-TAG validation
  • OrderInfos[].OrderParameters.MetaAuthDetails.MetaTag - Meta-Tag, which needs to be included in your start page

Additional Attributes (If includeBillingDetails is true)

  • OrderInfos[].BillingInfo - Billing information
  • OrderInfos[].BillingInfo.Price - Price Information
  • OrderInfos[].BillingInfo.Currency - Currency
  • OrderInfos[].BillingInfo.Status - Current billing status. Possible values: cleared, uncleared
  • OrderInfos[].BillingInfo.InvoiceRef - If the "Status" is cleared you will find the related document number.

Additional Attributes (If includeContacts is true)

  • OrderInfos[].ContactInfo - Contact person for the certificate, if available
  • OrderInfos[].ContactInfo.AdminContact - Administrative contact
  • OrderInfos[].ContactInfo.AdminContact.Title - Title, e.g. CIO
  • OrderInfos[].ContactInfo.AdminContact.FirstName - First name
  • OrderInfos[].ContactInfo.AdminContact.LastName - Last Name
  • OrderInfos[].ContactInfo.AdminContact.Phone - Phone number of contact person
  • OrderInfos[].ContactInfo.AdminContact.OrganizationName - Name of the organization (for OV/EV-- Certificates)
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress - Address of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.City - City
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.Region - State
  • OrderInfos[].ContactInfo.AdminContact.OrganizationAddress.Country - Country (ISO code)
  • OrderInfos[].ContactInfo.TechContact - Details similar to the Administrative contact
  • OrderInfos[].ContactInfo.TechContact.Title - Title, e.g. CIO
  • OrderInfos[].ContactInfo.TechContact.FirstName - First name
  • OrderInfos[].ContactInfo.TechContact.LastName - Last Name
  • OrderInfos[].ContactInfo.TechContact.Phone - Phone number of contact person
  • OrderInfos[].ContactInfo.TechContact.OrganizationName - Name of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress - Address of the organization (for OV/EV-Certificates)
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.City - City
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.Region - State
  • OrderInfos[].ContactInfo.TechContact.OrganizationAddress.Country - Country (ISO code)

Additional Attributes (If includeOrganizationInfos is true)

  • OrderInfos[].OrganizationInfo - If required by the product type (EV/OV), organization information
  • OrderInfos[].OrganizationInfo.OrganizationName - Name of the Organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress - Address details of the Organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress.AddressLine1 - 1. Address Line
  • OrderInfos[].OrganizationInfo.OrganizationAddress.AddressLine2 - 2. Address Line
  • OrderInfos[].OrganizationInfo.OrganizationAddress.PostalCode - Postal code
  • OrderInfos[].OrganizationInfo.OrganizationAddress.City - City
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Region - State
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Country - Country (ISO code)
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Phone - Phone number of the organization
  • OrderInfos[].OrganizationInfo.OrganizationAddress.Fax - Fax number for the organization

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • OrderInfos[]._meta (deprecated) - Meta-Data of the search and search results
  • OrderInfos[]._meta.CommonName - Search for this CommonName
  • OrderInfos[]._meta.ItemsAvailable - Total of search results
  • OrderInfos[]._meta.ItemsPerPage - Desired results each page
  • OrderInfos[]._meta.Page - Chosen page
  • OrderInfos[]._meta.OrderBy - Desired sorting
  • OrderInfos[]._meta.OrderDir - Desired order sequence
  • OrderInfos[]._meta.ProductType[] - Filter for product type (Array)
  • OrderInfos[]._meta.Status[] - Filter for status (Array)
  • OrderInfos[] - Array with search results
  • OrderInfos[].CertCenterOrderID - Unique CertCenter Order ID
  • OrderInfos[].CommonName - Common name of the certificate
  • OrderInfos[].OrderStatus.OrderDate - Date of the order
  • OrderInfos[].OrderStatus.UpdateDate - Last order update
  • OrderInfos[].OrderStatus.MajorStatus - Primary order status
  • OrderInfos[].OrderStatus.MinorStatus - Secondary order status
  • OrderInfos[].OrderStatus.Progress - Status in percent
  • OrderInfos[].OrderStatus.StartDate - Certificate is not valid until (Status COMPLETE)
  • OrderInfos[].OrderStatus.EndDate - Certificate is not valid after (Status COMPLETE)
  • OrderInfos[].ConfigurationAssessment - Information to the SSL labs scan
  • OrderInfos[].ConfigurationAssessment.CriteriaVersion - Version of the SSL labs criteria
  • OrderInfos[].ConfigurationAssessment.Effective - Time of the scan
  • OrderInfos[].ConfigurationAssessment.Engine - Current SSL labs Version
  • OrderInfos[].ConfigurationAssessment.Ranking - Current Ranking

The OrderInfos[].ConfigurationAssessment - Data available 4-5 days after the certificate was issued.

/ModifiedOrders

Get modified orders based on a time span

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/ModifiedOrders
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.ModifiedOrders(req={
 'FromDate': '2017-02-01T00:00:00Z',
 'ToDate': '2017-02-02T00:00:00Z',
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "FromDate"=>"2017-02-01T00:00:00Z",
 "ToDate"=>"2017-02-2T00:00:00Z",
 "includeFulfillment"=> false,
 "includeOrderParameters"=> false,
 "includeBillingDetails"=> false,
 "includeContacts"=> false,
 "includeOrganizationInfos"=> false
);
print_r( $api->ModifiedOrders($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.GetModifiedOrders(&certcenter.GetModifiedOrdersRequest{
		FromDate: time.Now().Add(-10 * time.Minutes),
		ToDate: time.Now(),
		IncludeFulfillment: true,
		IncludeOrderParameters: true,
		IncludeBillingDetails: true,
		IncludeContacts: true,
		IncludeOrganizationInfos: true,
	})
	fmt.Println(res)
}
curl "https://api.certcenter.com/rest/v1/ModifiedOrders?\
FromDate=2015-11-21T00:00:00Z&ToDate=2015-11-22T00:00:00Z" \
  -H "Authorization: Bearer #token#"
{
  "OrderInfos": [Array of OrderInfos],
  "success": true
}

Query Params

FromDate
date
required

Format: 2015-11-20T00:00:00Z

ToDate
date
required

Format: 2015-11-20T00:00:00Z

includeFulfillment
boolean

Output should include (if available) the server and intermediate certificate

includeOrderParameters
boolean

Output should include the original order data

includeBillingDetails
boolean

Output includes billing details

includeContacts
boolean

Output should include contact person from the certificate

includeOrganizationInfos
boolean

Output should include (if available) the organization data

 

The main part of the certificate administration and the ongoing life-cycle process is to detect certificates status changes in time and to synchronize with your local database. To get this information you can use this particular method. The period FromDate and ToDate should always represent the time between the last query and the current time.

FromDate = Timestamp of last successful query
ToDate = Current timestamp

Response Attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in Listing Orders.

/Order/:CertCenterOrderID

Inquire details about a particular order

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Order/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.GetOrder(req={
 'CertCenterOrderID': 123456789,
 'includeFulfillment': False,
 'includeOrderParameters': False,
 'includeBillingDetails': False,
 'includeContacts': False,
 'includeOrganizationInfos': False
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID"=> 123456789,
 "includeFulfillment"=> true,
 "includeOrderParameters"=> true,
 "includeBillingDetails"=> true,
 "includeContacts"=> true,
 "includeOrganizationInfos"=> true
);
print_r( $api->GetOrder($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.GetOrder(&certcenter.GetOrderRequest{
		CertCenterOrderID: 123456789,
		IncludeFulfillment: true,
		IncludeOrderParameters: true,
		IncludeBillingDetails: true,
		IncludeContacts: true,
		IncludeOrganizationInfos: true,
	})
	fmt.Println(res)
}
curl "https://api.certcenter.com/rest/v1/Order/123456789?\
includeFulfillment=False&\
includeBillingDetails=False&\
includeContacts=False&\
includeOrderParameters=False&\
includeOrganizationInfos=False" \
  -H "Authorization: Bearer #token#"
{
  "OrderInfo": { <OrderInfo-Structure matching to /Orders> },
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Unique ID of Certificate

Query Params

includeFulfillment
boolean

Listing should include (if available) the server and intermediate certificate

includeOrderParameters
boolean

Listing should include the original order data

includeBillingDetails
boolean

Listing includes billing details

includeContacts
boolean

Listing should include contact person from the certificate

includeOrganizationInfos
boolean

Listing should include (if available) the organization data

 

include*-Filters are optional.
If no filter is set, no selection can be carried out.

Response attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in /Orders.

/Order/:CertCenterOrderID

Canceling a particular order

 

OAuth2 Auth

 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Order/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.CancelOrder(req={
 'CertCenterOrderID': 1234567890
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890
);
print_r( $api->CancelOrder($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.DeleteOrder(&certcenter.DeleteOrderRequest{
		CertCenterOrderID: 123456789,
	})
	fmt.Println(res)
}
curl -X DELETE "https://api.certcenter.com/rest/v1/Order/123456789" -H "Authorization: Bearer #token#"
{
  "Message": "Order has been successfully cancelled",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

Certificates may be canceled free of charge before issuance, or up to 30 days afterward. Cancellation of orders older than 30 days will not be refunded and will be charged as normal. Please be aware that there could be a delay in the cancellation of issued certificates due to a rigorous verification process.

/Reissue

Reissue a particular certificate

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Reissue
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.Reissue(req={
  'CertCenterOrderID': 123456789,
  'OrderParameters': {
    'SignatureHashAlgorithm': 'SHA256-FULL-CHAIN',
    'DVAuthMethod': 'EMAIL',
    'CSR': "#CSR#"
  },
})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID"=> 123456789,
 "OrderParameters"=> Array(
  "SignatureHashAlgorithm"=> "SHA256-FULL-CHAIN",
  "DVAuthMethod"=> "EMAIL",
  "CSR"=> "#CSR#"
 )
);
print_r( $api->Reissue($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.Reissue(&certcenter.ReissueRequest{
		CertCenterOrderID: 123456789,
		OrderParameters:certcenter.ReissueOrderParameters{
			CSR: "#CSR#",
			DVAuthMethod: "EMAIL",
			SignatureHashAlgorithm: "SHA256-FULL-CHAIN",
		},
		ReissueEmail: "valid-approver@example.com",
	})
	fmt.Println(res)
}
curl "https://api.certcenter.com/rest/v1/Reissue" \
  -H "Authorization: Bearer #token#"
  -d '{
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "DVAuthMethod": "EMAIL",
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN"
  },
  "ReissueEmail": "administrator@commonna.me"
}'
{
  "Message": "Reissue initiated",
  "success": true
}

Body Params

OrderParameters
object
required
 
ReissueEmail
string
required

If the DVAuthMethod wasn’t set to e-mail while ordering, but you want to change the validation method to e-mail for reissue, you can submit a valid* approver e-mail. If no e-mail was chosen, the e-mail address of the administrative contact will be set automatically.

 

*Valid email addresses for the approver can be inquired by calling /ApproverList.

Detailed Description of OrderParameters used in /Reissue

  • CertCenterOrderID - Unique ID of certificate
  • ReissueEmail - If the DVAuthMethod wasn’t set to e-mail while ordering, but you want to change the validation method to e-mail for reissue, you can submit a valid* approver e-mail. If no e-mail were chosen, the e-mail address of the administrative contact would be set automatically.
  • OrderParameters.CSR - Certificate Signing Request (CSR). Please be aware that apart from a new CSR, a new private key should be generated.
  • OrderParameters.DVAuthMethod - Desired validation method
  • OrderParameters.SignatureHashAlgorithm - Depending on the key and encryption algorithms (RSA, ECC, DSA) that were used to create the private key, you can choose the Signature Hashing Algorithms for the server certificate and the root certificate:
Hashing Algorithm
Description

SHA256-FULL-CHAIN

Standard & recommended for RSA:
SHA256-bit RSA server certificate with RSA SHA256-bit Intermediate and SHA256-bit RSA root

SHA256-ECC-HYBRID

Standard & recommended for ECC:
SHA256-bit ECC Server certificate with ECC SHA256-bit Intermediate and SHA256-bit RSA-root (=highest compatibility with devices and security standards)

SHA2-256

Only Symantec, Thawte, GeoTrust, RapidSSL:
SHA256-bit RSA Server Certificate with RSA SHA256-bit Intermediate and SHA-1 RSA root

SHA256-ECC-FULL

Only Symantec:
SHA256-bit ECC server certificate with ECC-chain und ECC-root (Attention EV certificates: Green Address bar not visible in Firefox !)

Response attributes

The resulting attributes from this inquiry are not going to be documented again due to the matching OrderInfo-Structure in /Orders.

IMPORTANT

Reissuing a certificate does not imply a proper revocation. That means that the reissued certificate stays active afterward. Thus we highly recommend revoking the old certificate after the new one has been deployed successfully.

/Revoke/:CertCenterOrderID

Revoke a particular certificate

 

OAuth2 Auth

 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Revoke/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 'CertCenterOrderID': 123456789,
 'RevokeReason': 'Key compromised',
 'Certificate': "#CRT#",
}
res = api.Revoke(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
	"CertCenterOrderID"=> 1234567890,
	"RevokeReason"=> "Key compromised",
	"Certificate"=> "#CRT#",
);
print_r( $api->Revoke($request) );
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
	certcenter.Bearer = "#token#"
	res, _ := certcenter.Revoke(&certcenter.RevokeRequest{
		CertCenterOrderID: 123456789,
		RevokeReason: "Key compromised",
		Certificate: "#PEM-encoded-X.509-Certificate#",
	})
	fmt.Println(res)
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/Revoke/123456789' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{ "RevokeReason": "Key compromised", "Certificate": "#CRT#" }'
{
  "Message": "Revocation has been requested!",
  "success": true
}

Path Params

CertCenterOrderID
int32
required

Query Params

RevokeReason
string
required

Reason for the revocation (if possible in English). e.g. "Key compromised"

Certificate
string
required

Certificate in PEM-encoded format

 

A certificate should be revoked if a private key has been compromised or if the reissue was successful and the new certificate has been issued.

WARNING

A revocation request will add the specified certificate to a restriction list (OCSP and CRL) so that browsers and other clients won’t see it as a valid certificate. Please make sure that you already deployed a replacement certificate before revoking the old certificate.

/ValidateName

Check a CommonName against the black list (AlwaysOnSSL only!)

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/ValidateName
import CertCenter
api = CertCenter.CertAPI()
api.setBearer("#token#")
res = api.ValidateName(req={"CommonName":"www.example.com"})
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$res = $api->ValidateName(Array("CommonName"=>"dvtest.alwaysonssl.com"));
print_r($res);
?>
package main

import (
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.ValidateName(&certcenter.ValidateNameRequest{
    CommonName: "www.example.com",
    GeneratePrivateKey: true,
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/ValidateName' -H 'Content-Type: application/json' -H 'Authorization: Bearer #token#' -d '{ "CommonName": "www.example.com" }'
{
  "success": true,
  "IsQualified": true
}

Body Params

CommonName
string
required

The full host name (FQDN) you want to protect

GeneratePrivateKey
boolean

Whether to generate the private key and CSR. We recommend to NOT use this key-generation feature in productive environments. Please generate private keys in a secure and private environment.

 

Check if an AlwaysOnSSL certificate can be issued for the given host name.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • IsQualified - Indicates whether the CommonName is qualified to apply for a AlwaysOnSSL certificate.
  • CSR - If GeneratePrivateKey was set to true, this Attribute becomes available and contains a new CSR.
  • PrivateKey - If GeneratePrivateKey was set to true, this Attribute becomes available and contains the new private key.

PRO TIP

Please do not test this method by using a CommonName with "test" in it as this is already a black-listed phrase. So, you won't be successful with a CommonName like "test.example.com".

NOT YET ELIGIBLE?

Please contact your CertCenter Partner Manager to provide free AlwaysOnSSL (Symantec Encryption Everywhere) certificates.

/DNSData

Retrieve appropriate data for DNS-based validation (AlwaysOnSSL only!)

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/DNSData
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
 "CSR": "#CSR#"
}
res = api.DNSData(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "ProductCode"=>"AlwaysOnSSL.AlwaysOnSSL",
 "CSR"=>"#CSR#");
print_r( $api->DNSData($request) );
?>
package main

import (
  "io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  csr, _ := ioutil.ReadFile("csr")
  res, _ := certcenter.DNSData(&certcenter.DNSDataRequest{
    CSR: string(csr),
    ProductCode: "AlwaysOnSSL.AlwaysOnSSL",
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/DNSData' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
  "CSR": "#CSR#"
}'
{
  "success": true,
  "DNSAuthDetails": {
    "PointerType": "TXT",
    "DNSEntry": "example.com",
    "DNSValue": "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg",
    "Example": "example.com. IN TXT 5 \"201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg\"",
  }
}

Body Params

CSR
string
required

Certificate Signing Request (PEM encoded PKCS#10), generated with a 2048-bit RSA key

ProductCode
string
required

Valid ProductCode: AlwaysOnSSL.AlwaysOnSSL

 

This method is used to retrieve the data for the record, which is required for AlwaysOnSSL Certificates. The DNS TXT-entry plus an address pointer for the CommonName (or even a wildcard) must exist before placing an order.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • DNSAuthDetails
  • DNSAuthDetails.PointerType - Possible value: TXT
  • DNSAuthDetails.DNSEntry - DNS-Entry to be created ("example.com")
  • DNSAuthDetails.DNSValue - Value for the "DNSEntry" (e.g. 201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg)
  • DNSAuthDetails.Example - Example record
# To validate www.example.com (or *.example.com), you'll need to create:
example.com. IN TXT "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg"

# To validate bar.example.com, you'll need to create:
bar.example.com. IN TXT "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg"

# To validate www.bar.example.com, you'll need to create:
bar.example.com. IN TXT "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg"

# To validate foo.bar.example.com, you'll need to create:
foo.bar.example.com. IN TXT "201703152007575dwj94tlmu7robzzmv2pw2b9siflyux8t88qzg"

DNS CONFIGURATION

Please do not forget to create a valid address pointer for your CommonName (or even a wildcard) plus the TXT-record to make sure that the order can be carried out, correctly. Espacially for development purposes, it's highly recommended using a very short TTL (e.g. 5 seconds) for your TXT-record.

/DNSData usage examples

Please not that there is a tutorial available for the DNS-based domain validation process.
You may also find our latest /DNSData usage example at GitHub:
https://github.com/CertCenter/goCertCenter/tree/master/examples

NOT YET ELIGIBLE?

Please contact your CertCenter Partner Manager to provide free AlwaysOnSSL (Symantec Encryption Everywhere) certificates.

/FileData

Retrieve appropriate data for FILE-based validation (AlwaysOnSSL only!)

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/FileData
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
 "CSR": "#CSR#"
}
res = api.FileData(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "ProductCode"=>"AlwaysOnSSL.AlwaysOnSSL",
 "CSR"=>"#CSR#");
print_r( $api->FileData($request) );
?>
package main

import (
  "io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  csr, _ := ioutil.ReadFile("csr")
  res, _ := certcenter.FileData(&certcenter.FileDataRequest{
    CSR: string(csr),
    ProductCode: "AlwaysOnSSL.AlwaysOnSSL",
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/FileData' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer #token#' \
  -d '{
  "ProductCode": "AlwaysOnSSL.AlwaysOnSSL",
  "CSR": "#CSR#"
}'
{
  "success": true,
  "FileAuthDetails": {
    "FileName": "fileauth.txt",
    "FilePath": "/.well-known/pki-validation",
    "FileContents": "20160817082955250uyhevt9xaauim6pvk4yx5p50su4z2u8atievmbgk3r7gppp"
  }
}

Body Params

CSR
string
required

Certificate Signing Request (PEM encoded PKCS#10), generated with a 2048-bit RSA key

ProductCode
string
required

Valid ProductCode: AlwaysOnSSL.AlwaysOnSSL

 

This method allows you to retrieve required information about the desired file name and its content. If the specified file does not exist during the order or even the hash is incorrect, your order request could not be processed.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • FileAuthDetails - Structure with information about filename and content (if DVAuthMethod is FILE)
  • FileAuthDetails.FileContents - Hash which you shall use in the desired file.
  • FileAuthDetails.FileName - Name of the desired file.
  • FileAuthDetails.FilePath - Local, relative path of the desired file.

Get rid of the files required to get domains verified

Use CertCenter's free and open source Apache Module mod_fauth to get rid of the validation files on customers webspace. This particular Apache Module automatically determines the required hashes and submits those to the requesting vetting agent. Learn more

/FileData usage examples

Please not that there is a tutorial available for the FILE-based domain validation process.
You may also find our latest /FileData usage example at GitHub:
https://github.com/CertCenter/goCertCenter/tree/master/examples

NOT YET ELIGIBLE?

Please contact your CertCenter Partner Manager to provide free AlwaysOnSSL (Symantec Encryption Everywhere) certificates.

/VulnerabilityAssessment

Configure the Vulnerability Assessment (Symantec certificates, only!)

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/VulnerabilityAssessment
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
 'CertCenterOrderID': 123456789,
 'ServiceStatus': 'Active',
 'EmailNotificationLevel': "CRITICAL",
}
res = api.VulnerabilityAssessment(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
 "CertCenterOrderID" => 1234567890,
 "ServiceStatus" => "Active",
 "EmailNotificationLevel" => "CRITICAL",
);
print_r( $api->VulnerabilityAssessment($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.VulnerabilityAssessment(&certcenter.VulnerabilityAssessmentRequest{
    CertCenterOrderID: 123456789,
    ServiceStatus: "Active",
    EmailNotificationLevel: "CRITICAL",
  })
  fmt.Println(res)
}
curl -X POST "https://api.certcenter.com/rest/v1/VulnerabilityAssessment" \
  -H "Authorization: Bearer #token#"
  -d '{
  	"CertCenterOrderID": 123456789,
  	"ServiceStatus": "Active",
  	"EmailNotificationLevel": "CRITICAL"
  }'
{
  "Message": "Properties has been successfully modified.",
  "success": true
}

Body Params

CertCenterOrderID
int32
required

Unique order ID of certificate.

ServiceStatus
string
required

Desired status. Possible values: Active (enabled) / Inactive (disabled)

EmailNotificationLevel
string
required

Notification preferences. Possible values: NONE (no notifications), NEW_REPORT (notification for each report), CRITICAL (notify only if there are critical vulnerabilities)

 

Vulnerability Assessment is included in Symantec Secure Site w/ EV, Symantec Secure Site Wildcard, Symantec Secure Site Pro, Symantec Secure Site Pro w/ EV, Symantec Secure Site Pro Wildcard Certificates. Once a week, Symantec tries to find vulnerabilities on the website. You can configure if you want to enable or disable this scan as well as the notification preferences.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Message - Message (in case of success & or error)
  • ErrorId - If success=false, an ErrorID can be included

/VulnerabilityAssessmentRescan/:CertCenterOrderID

Request an On-Demand Rescan

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/VulnerabilityAssessmentRescan/CertCenterOrderID
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = { 'CertCenterOrderID': 123456789 }
res = api.VulnerabilityAssessmentRescan(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array("CertCenterOrderID" => 123456789);
print_r( $api->VulnerabilityAssessmentRescan($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.VulnerabilityAssessmentRescan(
    &certcenter.VulnerabilityAssessmentRescanRequest{
      CertCenterOrderID: 123456789,
    })
  fmt.Println(res)
}
curl -X GET "https://api.certcenter.com/rest/v1/VulnerabilityAssessmentRescan/123456789" -H "Authorization: Bearer #token#"
{
  "Message": "Re-scan has been triggered.",
  "success": true
}

Path Params

CertCenterOrderID
int32
required
 

This method allows you request an on demand vulnerability assessment scan (available at Symantec Secure Site w/ EV, Symantec Secure Site Wildcard, Symantec Secure Site Pro, Symantec Secure Site Pro w/ EV, Symantec Secure Site Pro Wildcard certificates).

/User

Create a new user and assign the desired rights

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/User
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": ["PROCUREMENT"],
  "Locale": "US/Pacific",
}
res = api.AddUser(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
  "Username" => "userjohndoe",
  "Email" => "john@example.com",
  "FullName" => "John Doe",
  "Password" => "password",
  "Roles" => Array("PROCUREMENT"),
  "Locale" => "US/Pacific",
);
print_r( $api->AddUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.CreateUser(&certcenter.CreateUserRequest{
    certcenter.UserData{
      FullName: "John Doe",
      Email: "john@example.org",
      Username: "johndoes",
      Password: "cOmpL3xx/",
      Roles: []string{"PROCUREMENT"},
      Locale: "en_US",
      Timezone: "US/Pacific",
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/User' \
 -H 'Authorization: Bearer #token#' \
 -d '{
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Locale": "US/Pacific",
  "Roles": [
    "PROCUREMENT"
  ]
}'
{
  "success": true,
  "Id": 292932145,
  "FullName": "John Doe",
  "Username": "userjohndoe",
  "Roles": [
    "PROCUREMENT"
  ]
}

Body Params

FullName
string
required

Complete name or description

Email
string
required

Email address linked to the user

Username
string
required

Username

Password
string
required

Password (has to be compliant to the rules of your organization)

Roles
array of strings
required

Assigned roles

Mobile
string

Cellphone number of the user

Timezone
string

Time zone (e.g. "US/Pacific")

Locale
string

Locale for the user (e.g. "de_DE" oder "en_US")

 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)

/User/:UsernameOrId

Update a particular user

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
request = {
  "UserNameOrUserId": "1234567",
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": ["PROCUREMENT"],
}
res = api.UpdateUser(req=request)
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array(
  "UserNameOrUserId" => "1234567",
  "Username" => "userjohndoe",
  "Email" => "john@example.com",
  "FullName" => "John Doe",
  "Password" => "password",
  "Roles": Array("PROCUREMENT")
);
print_r( $api->UpdateUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.UpdateUser(&certcenter.UpdateUserRequest{certcenter.UserData{
    UsernameOrUserId: "1234567",
    FullName: "John Doe",
    Email: "john@example.org",
  }})
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/User/1234567' \
 -H 'Authorization: Bearer #token#' \
 -d '{
  "Username": "userjohndoe",
  "Email": "john@example.com",
  "FullName": "John Doe",
  "Password": "password",
  "Roles": [
    "PROCUREMENT"
  ]
}'
{
  "success": true,
  "Id": 1234567
}

Path Params

UsernameOrId
string
required

Use the username or the unique id of the user

Body Params

FullName
string

Complete name or description

Email
string

Email address linked to the user

Username
string

Username

Password
string

Password (has to be compliant to the rules of your organization)

Roles
array of strings

Assigned roles

Mobile
string

Cellphone number of the user

Timezone
string

Time zone (e.g. "US/Pacific")

Language
string

Language/local for the user (e.g. "de_DE" oder "en_US")

 

To update the user information, you need to HTTP UPDATE the path /User/username with the required rights and submit it via POST just like when you are creating a new user. However, the parameters are optional and not like creating a new user. Please only submit the information that you wish to change. Be aware that the Username cannot be amended.

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)

/User/:UsernameOderUserId

Inquire information about a particular user or even all your users

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.GetUser(req={ "UserNameOrUserId": "1234567" })
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "UserNameOrUserId" => "1234567" );
print_r( $api->GetUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetUser(&certcenter.GetUserRequest{
    certcenter.UserData{
      UsernameOrUserId: "1234567",
    }})
  fmt.Println(res)
}
curl 'https://api.certcenter.com/rest/v1/User/1234567' \
 -H 'Authorization: Bearer #token#'
// Multiple User (= UserInfos)
{
 "success" : true,
 "UserInfos" : [{
   "Timezone" : "Europe/Berlin",
   "SpecialProductAvailability" : false,
   "Scope" : "UI",
   "Id" : 1234567,
   "Active" : true,
   "InsertDate" : 1436814528,
   "Email" : "test@example.com",
   "Language" : "en_US",
   "Roles" : [ "ADMINISTRATOR" ],
   "TwoFactorEnabled" : true,
   "FullName" : "Doe, John",
   "Username" : "johndoe",
   "LastUpdateDate" : 1461537556,
   "LastPasswordChangeDate" : 1461503235
  },
  {..},
  {..}
 ]
}
{
   "UserInfo" : {
      "Timezone" : "Europe/Berlin",
      "SpecialProductAvailability" : false,
      "Scope" : "UI",
      "Id" : 4338928,
      "Active" : true,
      "InsertDate" : 1436814528,
      "Email" : "test@example.com",
      "Language" : "en_US",
      "Roles" : [ "ADMINISTRATOR" ],
      "TwoFactorEnabled" : true,
	  "FullName" : "Doe, John",
	  "Username" : "johndoe",
      "LastUpdateDate" : 1461537556,
      "LastPasswordChangeDate" : 1461503235
   },
   "success" : true
}

Path Params

UsernameOrId
string
required

Optional user indication - Leave blank to get information about all you users.

 

To list all of your users you need to perform a simple GET-Request from the resource. Please use /User to list all users of your organization and /User/johndoe to list a specific user of your organization (please see the sample below).

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • UserInfos - Array of the type UserInfo
  • UserInfo - Structure with the information to the user
  • UserInfo.Id - Specific ID of the user
  • UserInfo.Username - Username
  • UserInfo.FullName - Complete name or description
  • UserInfo.Email - E-mail address
  • UserInfo.Mobile - Cellphone number
  • UserInfo.Scope - Area the user is able to access
  • UserInfo.Active - User active? Possible values: true/false (boolean)
  • UserInfo.Roles - Set roles (Details to the roles)
  • UserInfo.Timezone - Timezone (e.g. "US/Pacific")
  • UserInfo.Locale - Language/local for the user (e.g. "de_DE" or "en_US")
  • UserInfo.SpecialProductAvailability - Products that the user can order (if the correct rights UserInfo.Roles are set for this user)
  • UserInfo.TwoFactorEnabled - Two-factor authentication active? Possible Values: true/false (boolean)
  • UserInfo.InsertDate - Time of creation (Timestamp in UTC)
  • UserInfo.LastUpdateDate - Last Update (Timestamp in UTC)
  • UserInfo.LastPasswordChangeDate - Last Password update (Timestamp in UTC)

/User/:UsernameOrId

Deleting a particular user

 

OAuth2 Auth

 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/User/UsernameOrId
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
res = api.DeleteUser(req={ "UserNameOrUserId": "userjohndoe" })
print repr(res)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();
$request = Array( "UserNameOrUserId" => "userjohndoe" );
print_r( $api->UpdateUser($request) );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.DeleteUser(&certcenter.DeleteUserRequest{
    UsernameOrUserId: "1234567",
  })
  fmt.Println(res)
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/User/userjohndoe' -H 'Authorization: Bearer #token#'
{
  "success": true,
  "Id": 1234567,
  "UserNameOrUserId": "userjohndoe"
}

Path Params

UsernameOrId
string
required

Use the username or the unique id of the user

 

Response Attributes

  • success - Indicator of success. Possible values: true/false (boolean)
  • Id - Unique ID of the user
  • UserNameOrUserId - Submitted username or unique id

/Voucher

Order a new voucher

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Voucher
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.CreateVoucher(&certcenter.CreateVoucherRequest{
    OrderParameters:certcenter.OrderParameters{
      ProductCode: "Thawte.SSL123",
      PartnerOrderID: "My voucher order id (optional)",
      ServerCount: 1,
      SubjectAltNameCount: 0,
      ValidityPeriod: 12,
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/Voucher' \
-H 'Authorization: Bearer #token#' \
-d '{ 
 "OrderParameters": {
  "ProductCode": "Thawte.SSL123",
  "PartnerOrderID": "My voucher order id (optional)",
  "ServerCount": 1,
  "SubjectAltNameCount": 0,
  "ValidityPeriod": 12
 }
}'
{
  "VoucherCode" : "LBTJQTLPSJIQ",
  "OrderParameters" : {
    "Price" : 123,
    "Currency" : "EUR",
    "ValidityPeriod" : 12,
    "ServerCount" : 0,
    "PartnerOrderID" : "My voucher order id (optional)",
    "SubjectAltNameCount" : 0,
    "ProductCode" : "Thawte.SSL123"
  },
  "success" : true
}

Body Params

OrderParameters
object
required
 
 

A VoucherCode can be used to create a certificate order without corresponding product types, validity periods, etc. and without further authentication or payments. Useful, e.g., for the custom build, external modules. Eg. WHMCS with cPanel or Plesk's token method. You can also redeem the VoucherCode directly through the CertCenter REST API.

Response Attributes

  • VoucherCode - The generated code you'll need to redeem the voucher
  • OrderParameters.Price - The amount you're paid for after redemption
  • OrderParameters.Currency
  • OrderParameters.ValidtyPeriod - Certificates period of validty
  • OrderParameters.ServerCount - Number of server licenses
  • OrderParameters.PartnerOrderID - Your individual partner order id
  • OrderParameters.SubjectAltNameCount - Number of SAN hosts
  • OrderParameters.ProductCode - Product code

Charging for vouchers

CertCenter won't charge you for generated voucher codes, but for redeemed certificates. Though, please keep in mind that to create coupons may decrease your limits, respectively.

/Redeem

Redeem a particular VoucherCode

 

OAuth2 Auth

 Authentication is required for this endpoint.
posthttps://api.certcenter.com/rest/v1/Redeem
package main

import (
  "fmt"
  "io/ioutil"
  certcenter "certcenter.com/go"
)

func main() {
  // You don't need to be authenticated to redeem a voucher
  certcenter.Bearer = "#token#"
  csr, _ := ioutil.ReadFile("csr")
  fmt.Println(string(csr))
  res, _ := certcenter.RedeemVoucher(&certcenter.RedeemVoucherRequest{
    VoucherCode: "JDX1UBDC6AA1",
    // You don't need OrganizationInfo on DV orders, except for SSL123.
    OrganizationInfo: &certcenter.OrganizationInfo{
      OrganizationName: "Acme LLC",
      OrganizationAddress: &certcenter.OrganizationAddress{
        AddressLine1: "40 5th Ave",
        Region: "NY",
        PostalCode: "12012",
        Country: "US",
        City: "NY",
        Phone: "+1 121 444444",
      },
    },
    OrderParameters: &certcenter.OrderParameters{
      ProductCode: "Thawte.SSL123",
      CSR: string(csr),
      ValidityPeriod: 12,
      DVAuthMethod: "EMAIL",
      ServerCount: 1,
      // Needs to be a valid approver email address.
      // Inquire valid addresses via /ApproverEmail
      ApproverEmail:"postmaster@example.com",
      SignatureHashAlgorithm: "SHA256-FULL-CHAIN",
    },
    AdminContact: &certcenter.Contact{
      FirstName: "John",
      LastName: "Doe",
      Title: "CEO",
      Phone: "+1 212 999 999",
      Email: "john.doe@example.com",
    },
    TechContact: &certcenter.Contact{
      FirstName: "John",
      LastName: "Doe",
      Title: "CEO",
      Phone: "+1 212 999 999",
      Email: "john.doe@example.com",
    },
  })
  fmt.Println(res)
}
curl -X POST 'https://api.certcenter.com/rest/v1/Redeem' \
 -d '{ 
  "VoucherCode": "KZ61T1JPUK7S",
  "OrderParameters": {
   "ProductCode": "Thawte.SSL123",
   "CSR": "#csr#",
   "ServerCount": 1,
   "ValidityPeriod": 12,
   "ApproverEmail": "domains@certcenter.com",
  },
  "OrganizationInfo": {
  	"OrganizationName": "Acme LLC",
  	"OrganizationAddress": {
  		"AddressLine1": "40 5th Ave",
  		"Region": "NY",
  		"PostalCode": "12012",
  		"Country": "US",
  		"City": "NY",
  		"Phone": "+1 121 444444",
  	},
  },
  "AdminContact": {
  	"FirstName": "John",
  	"LastName": "Doe",
  	"Title": "CEO",
  	"Phone": "+1 212 999 999",
  	"Email": "john.doe@example.com",
  },
  "TechContact": {
  	"FirstName": "John",
  	"LastName": "Doe",
  	"Title": "CEO",
  	"Phone": "+1 212 999 999",
  	"Email": "john.doe@example.com",
  },
 }'
{
  "success": true,
  "Timestamp": "2016-12-31T23:59:59Z",
  "CertCenterOrderID": 1234567890,
  "OrderParameters": {
    "CSR": "#CSR#",
    "ProductCode": "Thawte.SSL123",
    "ServerCount": 0,
    "SignatureHashAlgorithm": "SHA256-FULL-CHAIN",
    "SubjectAltNameCount": 0,
    "ValidityPeriod": 12
  }
}

Body Params

VoucherCode
string
required

Voucher to redeem

OrganizationInfo
object
 
OrderParameters
object
required
 
AdminContact
object
required
 
TechContact
object
required
 
 

The Redeem-method is very similar to the /Order method, except that you'll need to provide a valid VoucherCode and no authentication. Please note that the ProductCode needs to match the ProductCode which has been used while ordering the VoucherCode through /Voucher.

/Vouchers

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Vouchers
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.Vouchers()
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->Vouchers() );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetVouchers()
  fmt.Println(res.Vouchers[0].OrderParameters)
}
curl 'https://api.certcenter.com/rest/v1/Vouchers' -H 'Authorization: Bearer #token#'
{
  "Vouchers": [
    {
      "CreationDate": "2017-01-01T00:00:00Z",
      "OrderParameters": {
        "Currency": "EUR",
        "Price": 123,
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
      "Redeemed": false,
      "VoucherCode": "0L8AVQ4TTHTN"
    },
  ],
  "success": true
}
 

Retrieve all your VoucherCodes and related information about your Voucher orders. Use /Voucher/:VoucherCode to only retrieve the information for a particular voucher.

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.Redeemed - Indicates whether the voucher has already been redeemed. Possible values: true/false (boolean)
  • Vouchers.CreationDate - The creation date of the voucher
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.Price - Your base price of this order
  • Vouchers.OrderParameters.Currency - The associated currency
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Voucher/:VoucherCode

Fetch information for a VoucherCode

 

OAuth2 Auth

 Authentication is required for this endpoint.
gethttps://api.certcenter.com/rest/v1/Voucher/VoucherCode
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.GetVoucher("0L8AVQ5TTHTN")
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->GetVoucher("0L8AVQ5TTHTN") );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.GetVoucher("0L8AVQ5TTHTN")
  fmt.Println(res.Vouchers[0].OrderParameters)
}
curl 'https://api.certcenter.com/rest/v1/Voucher/0L8AVQ5TTHTN' \
-H 'Authorization: Bearer #token#'
{
  "Vouchers": [
    {
      "CreationDate": "2017-01-01T00:00:00Z",
      "OrderParameters": {
        "Currency": "EUR",
        "Price": 123,
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
      "Redeemed": false,
      "VoucherCode": "0L8AVQ5TTHTN"
    },
  ],
  "success": true
}

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

Retrieve a particular VoucherCode and related information about your order.

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.Redeemed - Indicates whether the voucher has already been redeemed. Possible values: true/false (boolean)
  • Vouchers.CreationDate - The creation date of the voucher
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.Price - Your base price of this order
  • Vouchers.OrderParameters.Currency - The associated currency
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Voucher/:VoucherCode

Invalidate a particular VoucherCode

 

OAuth2 Auth

 Authentication is required for this endpoint.
deletehttps://api.certcenter.com/rest/v1/Voucher/VoucherCode
import CertCenter
api = CertCenter.CertAPI()
api.setBearer('#token#')
x = api.DeleteVoucher("JDX1UBDC6AA1")
print repr(x)
<?php
require_once 'CertCenter.inc.php';
use CertCenter\RESTful as ccAPI;
$api = new ccAPI();

print_r( $api->DeleteVoucher("JDX1UBDC6AA1") );
?>
package main

import (
  "fmt"
  certcenter "certcenter.com/go"
)

func main() {
  certcenter.Bearer = "#token#"
  res, _ := certcenter.DeleteVoucher("JDX1UBDC6AA1")
  fmt.Println(res)
}
curl -X DELETE 'https://api.certcenter.com/rest/v1/Voucher/JDX1UBDC6AA1' \
-H 'Authorization: Bearer #token#'
{
  "Message" : "Voucher JDX1UBDC6AA1 has been voided!",
  "success" : true
}
{
  "Message": "VoucherCode does not exist or has already been redeemed",
  "ErrorId": 403,
  "success": false
}

Path Params

VoucherCode
string
required

The VoucherCode you want to delete

 

Allows you to invalidate a particular voucher.

/Voucher/*/:VoucherCode

Allows a 3rd party to get information about a particular VoucherCode w/o authentication

 
gethttps://api.certcenter.com/rest/v1/Voucher/*/VoucherCode
curl 'https://api.certcenter.com/rest/v1/Voucher/*/0L8AVQ5TTHTN'
{
  "Vouchers": [
    {
      "OrderParameters": {
        "ProductCode": "RapidSSL",
        "ServerCount": 1,
        "SubjectAltNameCount": 0,
        "ValidityPeriod": 12
      },
    },
  ],
  "success": true
}
// Occures if a voucher does not exists,
// has been voided or already redeemed.
{
  "Message": "VoucherToken invalid",
  "ErrorId": -2011,
  "success": false
}

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

Retrieve a particular VoucherCode and related information about your order. This method is very similar to /Voucher/:VoucherCode, except that it allows anonymous access and the result contains less information (e.g., no price, currency, status).

Response Attributes

  • Vouchers - An array of objects containing information about your vouchers
  • Vouchers.VoucherCode - The VoucherCode
  • Vouchers.OrderParameters - An object containing information about the order parameters
  • Vouchers.OrderParameters.ProductCode - ProductCode which can be ordered with /Redeem
  • Vouchers.OrderParameters.ServerCount - Server licenses
  • Vouchers.OrderParameters.SubjectAltNameCount - Number of non-wildcard SANs
  • Vouchers.OrderParameters.ValidityPeriod - Validity period in months (12, 24)

/Order/*/:VoucherCode

Allows a 3rd party to get information about a particular Order (based on a Voucher) w/o authentication

 
gethttps://api.certcenter.com/rest/v1/Order/*/VoucherCode
curl 'https://api.certcenter.com/rest/v1/Order/*/0L8AVQ5TTHTN'
Try the API to see results

Path Params

VoucherCode
string
required

A VoucherCode which you want to inquire information about

 

This method allows you to get information about a particular Order, initiated by /Redeem. You don't need to be authenticated to call this method because the most 3rd-party apps (like cPanel, Plesk) need order statuses for their voucher-based Orders and they don't have proper authentication information as the authentication and VoucherOrder took place on a different spot (e.g., at WHMCS).

Response Attributes

Please see /Order/:CertCenterOrderID as it behaves the same.