Overview
HTTP verbs
RESTful notes tries to adhere as closely as possible to standard HTTP and REST conventions in its use of HTTP verbs.
| Verb | Usage |
|---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, including partial updates |
|
Used to delete an existing resource |
HTTP status codes
RESTful notes tries to adhere as closely as possible to standard HTTP and REST conventions in its use of HTTP status codes.
| Status code | Usage |
|---|---|
|
The request completed successfully |
|
A new resource has been created successfully. The resource’s URI is available from the response’s
|
|
An update to an existing resource has been applied successfully |
|
The request was malformed. The response body will include an error providing further information |
|
The requested resource did not exist |
Authorization
All API methods require HTTP headers for authentication. In addition, some API methods require certificate authentication as well. There are three authentication styles used by the API methods.
User Login via Password
Most API methods use this authentication style.
The required HTTP headers are:
| Header name | Description |
|---|---|
|
User login name |
|
User password |
|
Customer URI part |
User Login via Certificate
This can be used for all API methods except the APIs requiring Developer Login and is required by some APIs. In addition to the HTTP headers described below, the requests must have 'private' suffix in the URL, i.e. https://cert-manager.com/private/api/ssl/v1/types.
The required HTTP headers are:
| Header name | Description |
|---|---|
|
User login name |
|
Customer URI part |
Developer Login
Some APIs require this authentication style since a developer doesn’t need a user account. The required HTTP headers are:
| Header name | Description |
|---|---|
|
Developer email address |
|
Developer password |
|
Customer URI part |
Errors
Whenever an error response (status code >= 400) is returned, the body will contain a JSON object that describes the problem. The error object has the following structure:
| Path | Type | Description |
|---|---|---|
|
|
Error code |
|
|
Error message |
For example, a request that attempts to access resource with bad credentials will produce a
401 Unauthorized response:
HTTP/1.1 401 Unauthorized
Content-Type: application/json
Content-Length: 41
{"code":-16,"description":"Unknown user"}Possible values for JSON object fields include:
| Error code | Error message |
|---|---|
-1 |
Unknown error. |
-2 |
Internal error. Please contact Support for details. |
-3 |
You are not authorized to perform {0}. |
-7 |
{0} is required but missing. |
-9 |
Unknown notification type: {0} |
-9 |
The CSR is not valid Base-64 data! |
-10 |
Error while decoding CSR. |
-11 |
The CSR uses an unsupported algorithm! |
-13 |
The CSR uses an unsupported key size! |
-14 |
Unknown error. |
-25 |
You are not authorized to execute {0} |
-35 |
The Server type is invalid! |
-36 |
The validity period (term) is invalid for this certificate profile. |
-37 |
Access denied. |
-39 |
{0} |
-39 |
The certificate profile id is invalid! |
-43 |
Internal error while decrypting. |
-44 |
Error while generating key pair with open SSL |
-62 |
Missing mandatory custom field! |
-62 |
Invalid IP address {0} |
-64 |
Optional field 'name' is invalid! |
-65 |
Internal error {0}. Please contact Support for details. |
-76 |
KU/EKU template is not allowed for customer. |
-78 |
The public key is invalid or not supported. |
-102 |
Only issued certificates could be revoked. |
-103 |
Certificate has not been collected yet. |
-105 |
Person not found. |
-105 |
Error was occurred while renewing cert. Status = {0} |
-107 |
Domain Control Validation is either incomplete or expired for {0}. Please complete it before requesting a certificate. |
-109 |
Certificate is not available now, please try again later. |
-110 |
Certificate has been revoked and cannot be downloaded. |
-111 |
No certificate profile found by id {0} |
-123 |
SSL Certificate to renew is invalid (null) |
-124 |
Wrong SSL certificate id. |
-126 |
Unknown SSL certificate file format requested: {0} |
-129 |
Connection error while applying certificate. |
-130 |
SSL state is not ''ISSUED'': {0} |
-131 |
Custom fields limit exceeded for customer. |
-134 |
Custom field has to have unique name. |
-135 |
Custom field cannot be found. |
-138 |
Invalid CSR. |
-140 |
CSR decoding temporarily unavailable. Please try again later. |
-141 |
The public key size in the CSR should be {0} bits minimum. |
-159 |
Your certificate already revoked |
-159 |
Custom fields limit has been exceeded for this customer. Only {0} custom fields or fewer are allowed. |
-160 |
You can''t create fields with the same name - {0}! |
-164 |
Certificate cannot be enrolled for a Local Domain and/or Private IP for a validity period exceeding {0}. |
-166 |
Entered data doesn''t match the certificate or no valid certificate found |
-169 |
Certificate is not available, please contact administrator. |
-170 |
Based on the customer configuration, ECC CSRs are not allowed. |
-172 |
The Client Certificate Profile is invalid! |
-176 |
Updating is not possible. List of your Client Certificate Profile was changed by super admin. |
-180 |
This SSL Certificate Profile doesn''t allow renew |
-181 |
Anchor Certificate details do not match to your request. |
-183 |
Certificate is not collectable. |
-184 |
Object has no available customized Client Certificate Profile. |
-185 |
Customized Client Certificate Profile: {0} has no available terms. |
-188 |
This user have already reached the maximum allowed number of valid certificates: {0} |
-194 |
The CSR uses an unsupported key size. |
-195 |
CA is not available now. Please try again later. |
-196 |
Connection error while retrieving DCV email list. |
-213 |
Old password is incorrect |
-219 |
Cannot change the role of the only {0} user. |
-220 |
Password can''t be the same. |
-221 |
Please select at least one Organization/Department for each selected role |
-222 |
Please select roles for the same level |
-223 |
Please select only one Organization/Department for each selected role |
-226 |
This Admin account does not have privileges required to manage ''{0}'' <org>. |
-233 |
You have no privilege to create this admin user. |
-234 |
You have no privilege to modify the privileges of this admin. |
-237 |
Client Admin''s Email is invalid |
-249 |
You cannot update this client admin which has already been deleted. |
-253 |
You have no privilege to modify the role of this admin. |
-255 |
Privilege "Allow DCV" can''t be added to non SSL admins. |
-256 |
You have no privilege to assign DCV privileges. |
-303 |
The range is too wide. Maximum of {0} public ip-port pairs and {1} private ip-port pairs per scan are allowed. |
-304 |
Incorrect format CIDR. |
-305 |
The range of ip-port pairs is too wide. |
-306 |
Domain name {0} exceeds {1} characters limit. |
-410 |
Customer {0} cannot be found. |
-429 |
Customer {0} does not have a login name for CA. |
-500 |
Person name cannot be empty |
-507 |
You can''t change organization for this person.<br> Key escrow of its level has been enabled for either current organization/department or target organization/department. |
-508 |
New person. Please specify name |
-518 |
Unknown email address |
-524 |
You have no privilege to modify the email of this person. |
-607 |
Available Agent(s) are not configured to scan the specified private range(s). |
-615 |
To scan, you must first enter at least one range parameter. |
-618 |
Discovery is currently running. Please try again later. |
-637 |
Available Agent(s) are not configured to scan the specified public range(s). |
-639 |
Supplied orgid invalid.. |
-700 |
Such domain already exists |
-705 |
This operation cannot be performed as the delegation status is other than ‘‘Requested’’. |
-707 |
This domain delegation request has already been deleted. |
-709 |
Please delegate domain to at least one organization or department. |
-711 |
Domain can''t be delegated to deleted organization. |
-712 |
The domain name should be at least {0} characters in length. |
-713 |
The domain name should be at most {0} characters in length. |
-714 |
The domain name should have at least {0} dots. |
-715 |
The domain ''{0}'' is inactive. |
-723 |
<Something> is not a high-level domain. Only high-level domains can be validated. |
-724 |
The request cannot be processed due to ''{0}'' domain validation status. |
-727 |
The domain does not exist. |
-728 |
One or more delegations have been changed by another administrator. Your changes will be ignored. |
-731 |
You do not have sufficient privileges to modify the name of this domain. |
-732 |
Invalid domain name. |
-737 |
The domain(s): {0} are not validated! Please perform the DCV process for them before proceed. |
-738 |
Access denied. You are not allowed to perform the {0} operation on this domain. |
-740 |
This operation cannot be performed due to SSL certificates enrolled for this domain or its subdomains. |
-741 |
Access denied due to a DRAO’s request that has not been approved for domain {0}. Force domain creation is disabled. |
-834 |
The changes of Client Certificate Profile settings will cause the following departments have <br> no available customized Client Certificate Profile, or customized Client Certificate Profiles have no available term or default term: {0} |
-840 |
The changes of Client Certificate Profile settings will cause the under levels have <br> no available customized Client Certificate Profile, or customized Client Certificate Profiles have no available term or default term. |
-843 |
SSL certificate of this type cannot be requested due to ‘{0}’ validation status of the selected organization. |
-951 |
'At least one of the following fields must be filled in: {0}. |
-970 |
Incorrect login credentials. |
-976 |
New password must be between {0} and 32 characters. |
-977 |
New password length must be 32 characters. |
-982 |
New password must not contain Login. |
-1010 |
Domain ''{0}'' is not allowed. |
-1021 |
This operation cannot be performed for Organization ''{0}''. |
-1023 |
Organization ''{0}'' not found. |
-1104 |
Invalid order number {0} |
-1108 |
No valid client certificates found for {0}. |
-1112 |
Certificate can''t be approved cause it has state = {0} |
-1113 |
{0} certificate is not ready to be applied. Current certificate state is {1}. |
-1117 |
The SSL is null. |
-1137 |
The domain(s) {0} have not been validated under the DCV procedure. |
-1138 |
Error while checking size of public key in CSR. |
-1140 |
Since you are a requester of this certificate you can''t approve it. For EV certificates the requester and the approver must not be the same person. |
-1144 |
SSL certificate id: {0} must be re-discovered due to migration need. We are sorry for inconvenience. |
-1148 |
Replace is forbidden for autoinstalled certificates. |
-1400 |
The request is being processed by Sectigo. |
-1450 |
Unsupported certificate format specified: {0} |
-1601 |
Field ''{0}'' has invalid value. |
-1603 |
Error while validating the domain {0} |
-1608 |
DCV is not enabled for this customer. |
-3114 |
This {0} was modified or deleted by another user. |
-3115 |
This {0} was modified or deleted by another user. Please refresh data. |
-3301 |
Invalid scan range: {0} |
-5001 |
You don' t have access to Organization assigned to the Rule |
-5002 |
Assignment rules cannot be empty. |
-5003 |
Cannot delete. An assignment rule has been assigned to the Net Discovery Tasks {0} |
-5101 |
Certificate not found. {0} |
-5109 |
Device Certificate Profile not found. |
Resources
SSL certificates
SSL resource is used to perform operation on SSL Certificates
Get SSL certificate
Get SSL certificate details.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Certificate common name |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form. Deprecated. Use 'id' instead |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form |
|
|
An organization which this certificate is associated with |
|
|
The status of this certificate |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
The name of the issuing CA |
|
|
Information about Certificate Profile this certificate was enrolled from |
|
|
Certificate Profile ID |
|
|
Use secondary organization name |
|
|
Certificate Profile name |
|
|
Certificate Profile description |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
|
|
SSL Subtype, available only for managed certificates |
|
|
Term (days) |
|
|
The approver of the request for this certificate |
|
|
The approver ID of the request for this certificate |
|
|
Requester |
|
|
The Requester ID, when available |
|
|
Requested Via |
|
|
External Requester, when available |
|
|
Comments |
|
|
Requested date |
|
|
Approved date |
|
|
Issued date |
|
|
Declined date |
|
|
Expiration date |
|
|
Replaced date |
|
|
Revocation date |
|
|
Revocation reason code provided on revoke to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
|
|
Certificate renewal indicator |
|
|
SSL Serial Number |
|
|
Signature Algorithm |
|
|
Key algorithm (deprecated, see "keyType") |
|
|
Key size (deprecated, see "keyType") |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
Key Usages |
|
|
Extended Key Usages |
|
|
Subject alternative names |
|
|
Custom fields |
|
|
Custom field name |
|
|
Custom field value |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Auto-Installation Information |
|
|
Auto-Installation state |
|
|
Auto-Installation nodes (planned or already installed to) |
|
|
Node name |
|
|
Node port |
|
|
Auto-Renewal Information |
|
|
Auto-Renewal state |
|
|
Days before expiration to start auto-renewal |
|
|
Suspend Notifications for the certificate |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/67' -i -X GET \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16060' \
-H 'password: Password123' \
-H 'customerUri: cst16060'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 903
{"commonName":"ccmqa.com","sslId":67,"id":67,"orgId":1282,"status":"Issued","orderNumber":7344326,"backendCertId":"7344326","vendor":"Vendor","certType":{"id":1825,"name":"SSL SASP -1407682434","description":"SSL SASP 642461344","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false},"subType":"OV","term":365,"owner":"client-admin-16065 client-admin-16065","ownerId":1339,"requester":"16063_nobody@nobody.comodo.od.ua","requestedVia":"Enrollment Form","comments":"comments","requested":"03/07/2023","expires":"03/06/2024","renewed":false,"serialNumber":"00:0::11::2:2::33","keyAlgorithm":"RSA","keySize":2048,"keyType":"RSA - 2048","subjectAlternativeNames":["ccmqa.com"],"customFields":[{"name":"name1","value":"value1"}],"certificateDetails":{"issuer":"issuer"},"autoInstallDetails":{"state":"Not configured"},"autoRenewDetails":{"state":"Not scheduled"},"suspendNotifications":false}Update SSL certificate
Update SSL certificate.
| You can update only external requesters, comments, custom fields, auto-renewal and suspend notifications. |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
sslId |
Number |
Certificate ID |
[Must be at least 1, Must not be null] |
term |
Number |
Term (days) |
[Must be at least 1] |
certTypeId |
Number |
Certificate Profile ID |
[Must be at least 1] |
orgId |
Number |
Organization ID |
[Must be at least 1] |
commonName |
String |
Certificate common name |
[] |
csr |
String |
Certificate signing request |
[Must match the regular expression: |
externalRequester |
String |
External requester emails, comma-separated |
[] |
comments |
String |
Comments |
[Size must be between 0 and 1024 inclusive] |
subjectAlternativeNames |
Array |
Subject alternative names |
[] |
customFields |
Array |
Custom fields |
[] |
customFields.[].name |
String |
Example of custom field name |
[Must not be null, Size must be between 1 and 256 inclusive] |
customFields.[].value |
String |
Example of custom field value |
[Must not be null, Size must be between 0 and 256 inclusive] |
autoRenewDetails |
Object |
Auto-Renewal Information |
[] |
autoRenewDetails.state |
String |
Auto-Renewal state |
[Allowed values 'Not scheduled' and 'Scheduled'], defaults to 'Not scheduled' |
autoRenewDetails.daysBeforeExpiration |
Number |
Days before expiration to start auto-renewal |
[Must be at least 1], defaults to 30 days. Auto-renewal state must be 'Scheduled' for days to update |
suspendNotifications |
Boolean |
Suspend Notifications for the certificate |
[] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16347' \
-H 'password: Password123' \
-H 'customerUri: cst16347' \
-H 'Accept: application/json' \
-d '{"sslId":145,"term":365,"certTypeId":1863,"orgId":1399,"commonName":"ccmqa.com","csr":"MIIC1zCCAb8CAQAwgZExCzAJBgNVBAYTAlVBMRIwEAYDVQQIDAljY21xYS5jb20x\nEjAQBgNVBAcMCWNjbXFhLmNvbTESMBAGA1UECgwJY2NtcWEuY29tMRIwEAYDVQQL\nDAljY21xYS5jb20xEjAQBgNVBAMMCWNjbXFhLmNvbTEeMBwGCSqGSIb3DQEJARYP\nYWRtaW5AY2NtcWEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nsdkqSb/r4zpbi2GCnCRvYo+CbnQg/wRbsObr0m9OXEP1jSTuj8CqJZvTnGjE15fy\npdTGadc40saepghV4gIUOnFpYQRZacSN3VPLxF9rjnLEDBn7mTqbtbvxjhOaiPYz\nZgEa6kOOf851rujvl0WClMuWTIoXM7OmaHZA1NorGc3lag+D+4Tx8j1ry22EphXE\nd+Pm+4Tf/Fshd9Cm1r1JLcnlq0YdkV6ynzeKbUJX1cdYyMrxWTnBy/Tp0dM8FDGY\nMQ3ArQBIaDPGOnq1Gfd/yLrbaQD/j0ntZ4WKIWTlJLAkDu0AySz9Tc+DBCTrGvor\n9tjfWaeQo7CU+pENRyYzEwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAIBptH2V\nU66GWFt5nHiMZnPRD8r4/JfqDvtPbV+qbXz2G/S+nuw0dhzGb4zCp6INH7UgO21o\nGHqIO2we9o31CmfbfJBptQdcJ0h+b/1Awp/DJulwoNXHgUqq+PbKe2j+QdOTH8EG\nszGnRo3Li9WA+V3LkYi0GkBFKsP5SyKFA/am2A0TRyy9FJ6MaMPkwV397tKJJ+Hu\n0/YfJkwTaK6JGujEQOUBtTU6QmpWjfih5CafxaDFrFkzdPo8by+W8W13T1dvqBcs\nAZtdcEIcajHZ6sF/xEm9Dfui17R8a4kAHx8QD046mEt0/OxAacEURKkJeRQlRgN9\nTSfJ16hdPk69U4M=","externalRequester":"","comments":"comments","customFields":[{"name":"name1","value":"value1"}],"subjectAlternativeNames":["ccmqa.com"]}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Certificate common name |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form. Deprecated. Use 'id' instead |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form |
|
|
An organization which this certificate is associated with |
|
|
The status of this certificate |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
The name of the issuing CA |
|
|
Information about Certificate Profile this certificate was enrolled from |
|
|
Certificate Profile ID |
|
|
Use secondary organization name |
|
|
Certificate Profile name |
|
|
Certificate Profile description |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
|
|
SSL Subtype, available only for managed certificates |
|
|
Term (days) |
|
|
The approver of the request for this certificate |
|
|
The approver ID of the request for this certificate |
|
|
Requester |
|
|
The Requester ID, when available |
|
|
Requested Via |
|
|
External Requester, when available |
|
|
Comments |
|
|
Requested date |
|
|
Approved date |
|
|
Issued date |
|
|
Declined date |
|
|
Expiration date |
|
|
Replaced date |
|
|
Revocation date |
|
|
Revocation reason code provided on revoke to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
|
|
Certificate renewal indicator |
|
|
Signature Algorithm |
|
|
Key algorithm (deprecated, see "keyType") |
|
|
Key size (deprecated, see "keyType") |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
Key Usages |
|
|
Extended Key Usages |
|
|
Subject alternative names |
|
|
Custom fields |
|
|
Custom field name |
|
|
Custom field value |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Auto-Installation Information |
|
|
Auto-Installation state |
|
|
Auto-Installation nodes (planned or already installed to) |
|
|
Node name |
|
|
Node port |
|
|
Auto-Renewal Information |
|
|
Auto-Renewal state |
|
|
Days before expiration to start auto-renewal |
|
|
Suspend Notifications for the certificate |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 873
{"commonName":"ccmqa.com","sslId":145,"id":145,"orgId":1399,"status":"Requested","orderNumber":7344326,"backendCertId":"7344326","vendor":"Vendor","certType":{"id":1863,"name":"SSL SASP -103115958","description":"SSL SASP 1979121055","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false},"subType":"Multi Domain","term":365,"owner":"client-admin-16352 client-admin-16352","ownerId":1388,"requester":"16350_nobody@nobody.comodo.od.ua","requestedVia":"Enrollment Form","comments":"comments","requested":"03/07/2023","expires":"03/06/2024","renewed":false,"keyAlgorithm":"RSA","keySize":0,"keyType":"RSA","subjectAlternativeNames":["ccmqa.com"],"customFields":[{"name":"name1","value":"value1"}],"certificateDetails":{"issuer":"issuer"},"autoInstallDetails":{"state":"Not configured"},"autoRenewDetails":{"state":"Not scheduled"},"suspendNotifications":false}Listing SSL certificates
List of SSL certificates.
Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Common Name filter |
|
Subject Alternative Name filter |
|
Status filter. Possible values: ', 'Invalid', 'Requested', 'Approved', 'Declined', 'Applied', 'Issued', 'Revoked', 'Expired', 'Replaced', 'Rejected', 'Unmanaged' - deprecated, result will be empty, 'SAApproved', 'Init'' |
|
Certificate Profile ID |
|
Discovery status filter. Possible values: 'NotDeployed', 'Deployed' (deprecated, see "requestedVia"). |
|
Vendor filter |
|
Organization ID filter |
|
Install status filter. Possible values: 'NOT_SCHEDULED', 'SCHEDULED', 'STARTED', 'SUCCESSFUL', 'FAILED' |
|
Renewal status filter. Possible values: 'NOT_SCHEDULED', 'SCHEDULED', 'STARTED', 'SUCCESSFUL', 'FAILED' |
|
Issuer filter |
|
Serial Number filter |
|
Requester filter |
|
External Requester filter |
|
Signature Algorithm filter |
|
Key Algorithm filter |
|
Key Size filter (deprecated, see "keyParam") |
|
Key Size / Curve Name filter |
|
SHA1 Hash filter |
|
MD5 Hash filter |
|
Key Usage filter |
|
Extended Key Usage filter |
|
Requested Via filter. Possible values: 'WEB_FORM', 'CLIENT_ADMIN', 'API', 'DISCOVERY', 'IMPORTED', 'SCEP', 'CD_AGENT', 'MS_AGENT', 'MS_CA', 'BULK_REQUEST', 'ACME', 'EST', 'REST' |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1' -i -X GET \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16113' \
-H 'password: Password123' \
-H 'customerUri: cst16113'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested ssls |
|
|
SSL ID |
|
|
SSL Common Name |
|
|
SSL Subject Alternative Names |
|
|
SSL Serial Number |
Response headers
| Name | Description |
|---|---|
|
Contains total number of SSL certificates available according to the filtering applied |
Example response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 39
[{"sslId":71,"commonName":"ccmqa.com"}]Count SSL certificates
Count SSL certificates available according to the filter applied.
Request parameters
| Parameter | Description |
|---|---|
|
Common Name filter |
|
Subject Alternative Name filter |
|
Status filter. Possible values: ', 'Invalid', 'Requested', 'Approved', 'Declined', 'Applied', 'Issued', 'Revoked', 'Expired', 'Replaced', 'Rejected', 'Unmanaged' - deprecated, result will be empty, 'SAApproved', 'Init'' |
|
Certificate Profile ID |
|
Discovery status filter. Possible values: 'NotDeployed', 'Deployed' (deprecated, see "requestedVia"). |
|
Vendor filter |
|
Organization ID filter |
|
Install status filter. Possible values: 'NOT_SCHEDULED', 'SCHEDULED', 'STARTED', 'SUCCESSFUL', 'FAILED' |
|
Renewal status filter. Possible values: 'NOT_SCHEDULED', 'SCHEDULED', 'STARTED', 'SUCCESSFUL', 'FAILED' |
|
Issuer filter |
|
Serial Number filter |
|
Requester filter |
|
External Requester filter |
|
Signature Algorithm filter |
|
Key Algorithm filter |
|
Key Size filter (deprecated, see "keyParam") |
|
Key Size / Curve Name filter |
|
SHA1 Hash filter |
|
MD5 Hash filter |
|
Key Usage filter |
|
Extended Key Usage filter |
|
Requested Via filter. Possible values: 'WEB_FORM', 'CLIENT_ADMIN', 'API', 'DISCOVERY', 'IMPORTED', 'SCEP', 'CD_AGENT', 'MS_AGENT', 'MS_CA', 'BULK_REQUEST', 'ACME', 'EST', 'REST' |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1' -i -X HEAD \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16234' \
-H 'password: Password123' \
-H 'customerUri: cst16234'Response headers
| Name | Description |
|---|---|
|
Contains total number of SSL certificates available according to the filtering applied |
Example response
HTTP/1.1 200 OK
X-Total-Count: 42Listing SSL Certificate Profiles
List all of SSL Certificate Profiles. Previously known as a certificate type.
Request parameters
| Parameter | Description |
|---|---|
|
Filter by Organization ID (optional) |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/types?organizationId=1296' -i -X GET \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16104' \
-H 'password: Password123' \
-H 'customerUri: cst16104'Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of available SSL Certificate Profiles |
|
|
Certificate Profile ID |
|
|
Certificate Profile name |
|
|
Use secondary Organization name |
|
|
Certificate Profile description |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 150
[{"id":1834,"name":"SSL SASP -1991211008","description":"SSL SASP -1415106161","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false}]Listing of custom fields for SSL
List all of custom fields defined for SSL certificates.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of custom fields |
|
|
Custom field ID |
|
|
Custom field name |
|
|
Is field mandatory |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/customFields' -i -X GET \
-H 'login: admin_customer16107' \
-H 'password: Password123' \
-H 'customerUri: cst16107' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 46
[{"id":86,"name":"testName","mandatory":true}]Enroll SSL certificate
Creation and submission of a request for a new SSL certificate.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
|
csr |
String |
Certificate signing request |
'Must match the regular expression: |
subjAltNames |
String |
Subject alternative names (comma separated) |
|
certType |
Number |
Certificate Profile ID |
|
term |
Number |
Certificate validity period in days |
'Must be at least 1' |
comments |
String |
Comments for enroll request |
'Size must be between 0 and 1024 inclusive' |
customFields[] |
Array |
Custom fields to be applied to requested certificate. Must contain mandatory custom fields. |
|
customFields[].name |
String |
Name of an enabled custom field. |
[] |
customFields[].value |
String |
Value of the custom field. |
[] |
externalRequester |
String |
External Requester. Acceptable format: 'email@domain.com' or 'email1@domain.com, email2@domain.com' |
'Size must be between 0 and 512 inclusive' |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/enroll' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16070' \
-H 'password: Password123' \
-H 'customerUri: cst16070' \
-d '{"orgId":1284,"subjAltNames":"ccmqa.com","certType":1829,"term":365,"comments":"test","externalRequester":"","customFields":[{"name":"custom field","value":"custom field value"}],"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"sslId":68,"renewId":"BqB-noHqclQfO4AqVDaU"}Enroll SSL certificate with Key Generation
Creation and submission of a request for a new SSL certificate with generated keypair. Private key will be stored inside 'Private Keys Store'.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
|
commonName |
String |
Certificate common name |
'Must not be null,Size must be between 1 and 64 inclusive' |
subjAltNames |
String |
Subject alternative names (comma separated) |
|
certType |
Number |
Certificate Profile ID |
|
term |
Number |
Certificate validity period in days |
'Must be at least 1' |
comments |
String |
Comments for enroll request |
'Size must be between 0 and 1024 inclusive' |
algorithm |
String |
Keypair algorithm |
Possible values: RSA, EC |
keySize |
Number |
Keypair key size (deprecated, see "keyParam") |
Applied only in case keypair algorithm is specified. |
keyParam |
String |
Keypair key size (for RSA) or curve name (for EC) |
Applied only in case keypair algorithm is specified. |
passPhrase |
String |
Password to protect PKCS#12 certificate. |
'Size must be between 8 and 32 inclusive' |
customFields[] |
Array |
Custom fields to be applied to requested certificate. Must contain mandatory custom fields. |
|
customFields[].name |
String |
Name of an enabled custom field. |
[] |
customFields[].value |
String |
Value of the custom field. |
[] |
externalRequester |
String |
External Requester. Acceptable format: 'email@domain.com' or 'email1@domain.com, email2@domain.com' |
'Size must be between 0 and 512 inclusive' |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/enroll-keygen' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16073' \
-H 'password: Password123' \
-H 'customerUri: cst16073' \
-d '{"orgId":1285,"subjAltNames":"ccmqa.com","certType":1832,"term":365,"comments":"test","externalRequester":"","customFields":[{"name":"custom field","value":"custom field value"}],"commonName":"ccmqa.com","passPhrase":"password","keySize":2048,"keyParam":"2048","algorithm":"RSA"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"sslId":69,"renewId":"CVEr2UTuHu37gs5--mE0"}Link to download private key or whole certificate
Generation of a link to download private key or entire certificate from Private Key Controller. You will need to have enabled authentication certificate to have access to the Private Key Store in order to download SSL certificate and the private key.
This API method requires the User Login via Certificate authentication style.
Example request
$ curl 'https://cert-manager.com/private/api/ssl/v1/keystore/64/p12' -i -X GET \
-H 'Accept: application/json' \
-H 'login: admin_customer101' \
-H 'password: Password123' \
-H 'customerUri: cst101' \
--cert-type P12 --cert /home/user/path_to_cert.p12:P@ssWordPath parameters
| Parameter | Description |
|---|---|
|
SSL ID for which the link will be generated. |
|
Parameter to specify download format: key only or entire certificate. Possible values: 'key' - for Private Key, Base64 encoded, 'p12' - for PKCS#12, Base64 encoded |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 104
{"link":"https://{private_key_agent_host_name}/download?token=9STOEPH57C84UOME35RFR165QI&keyformat=P12"}Collect SSL certificate
Delivering the newly issued SSL certificate from CA to the administrator for download.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID. |
Request parameters
| Parameter | Description |
|---|---|
|
Format type for certificate. Allowed values: 'x509' - for Certificate (w/ chain), PEM encoded, 'x509CO' - for Certificate only, PEM encoded, 'base64' - for PKCS#7, PEM encoded, 'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded, 'x509IOR' - for Intermediate(s)/Root only, PEM encoded, 'pem' - for Certificate (w/ chain), PEM encoded, 'pemco' - for Certificate only, PEM encoded, 'pemia' - for Certificate (w/ issuer after), PEM encoded, 'x509R' - for Certificate (w/ chain), PEM encoded, 'pkcs12' - for Certificate and Private key, PKCS#12. base64 is default. |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/collect/64?format=base64' -i -X GET \
-H 'login: admin_customer16045' \
-H 'password: Password123' \
-H 'customerUri: cst16045'Example response
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 7411
Content-Disposition: attachment; filename="test.cert"
-----BEGIN CERTIFICATE-----
MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIQE+oocFv07O0MNmMJgGFDNjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00yt
UINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NC
tnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQIjy8/hPwhxR79uQf
jtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfbIWax1Jt4A8BQOujM
8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+O2hm
AUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiV
Z4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9
N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sF
qV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9
HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ5lhCLkMaTLTwJUdZ
+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4Diup8kyX
HAc/DVL17e8vgg8CAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTv
A73gJMtUGjAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/
BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1Ud
HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4
dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0
dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAJNl9jeD
lQ9ew4IcH9Z35zyKwKoJ8OkLJvHgwmp1ocd5yblSYMgpEg7wrQPWCcR23+WmgZWn
RtqCV6mVksW2jwMibDN3wXsyF24HzloUQToFJBv2FAY7qCUkDrvMKnXduXBBP3zQ
YzYhBx9G/2CkkeFnvN4ffhkUyWNnkepnB2u0j4vAbkN9w6GAbLIevFOFfdyQoaS8
Le9Gclc1Bb+7RrtubTeZtv8jkpHGbkD4jylW6l/VXxRTrPBPYer3IsynVgviuDQf
Jtl7GQVoP7o81DgGotPmjw7jtHFtQELFhLRAlSv0ZaBIefYdgWOWnU914Ph85I6p
0fKtirOMxyHNwu8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF9TCCA92gAwIBAgIQHaJIMG+bJhjQguCWfTPTajANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjB8MQswCQYDVQQGEwJHQjEbMBkGA1UE
CBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQK
Ew9TZWN0aWdvIExpbWl0ZWQxJDAiBgNVBAMTG1NlY3RpZ28gUlNBIENvZGUgU2ln
bmluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIYijTKFehif
SfCWL2MIHi3cfJ8Uz+MmtiVmKUCGVEZ0MWLFEO2yhyemmcuVMMBW9aR1xqkOUGKl
UZEQauBLYq798PgYrKf/7i4zIPoMGYmobHutAMNhodxpZW0fbieW15dRhqb0J+V8
aouVHltg1X7XFpKcAC9o95ftanK+ODtj3o+/bkxBXRIgCFnoOc2P0tbPBrRXBbZO
oT5Xax+YvMRi1hsLjcdmG0qfnYHEckC14l/vC0X/o84Xpi1VsLewvFRqnbyNVlPG
8Lp5UEks9wO5/i9lNfIi6iwHr0bZ+UYc3Ix8cSjz/qfGFN1VkW6KEQ3fBiSVfQ+n
oXw62oY1YdMCAwEAAaOCAWQwggFgMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
nfKyA2bLMB0GA1UdDgQWBBQO4TqoUzox1Yq+wbutZxoDha00DjAOBgNVHQ8BAf8E
BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAwYI
KwYBBQUHAwgwEQYDVR0gBAowCDAGBgRVHSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0
dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u
QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl
BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B
AQwFAAOCAgEATWNQ7Uc0SmGk295qKoyb8QAAHh1iezrXMsL2s+Bjs/thAIiaG20Q
BwRPvrjqiXgi6w9G7PNGXkBGiRL0C3danCpBOvzW9Ovn9xWVM8Ohgyi33i/klPeF
M4MtSkBIv5rCT0qxjyT0s4E307dksKYjalloUkJf/wTr4XRleQj1qZPea3FAmZa6
ePG5yOLDCBaxq2NayBWAbXReSnV+pbjDbLXP30p5h1zHQE1jNfYw08+1Cg4LBH+g
S667o6XQhACTPlNdNKUANWlsvp8gJRANGftQkGG+OY96jk32nw4e/gdREmaDJhlI
lc5KycF/8zoFm/lv34h/wCOe0h5DekUxwZxNqfBZslkZ6GqNKQQCd3xLS81wvjqy
VVp4Pry7bwMQJXcVNIr5NsxDkuS6T/FikyglVyn7URnHoSVAaoRXxrKdsbwcCtp8
Z359LukoTBh+xHsxQXGaSynsCz1XUNLK3f2eBVHlRHjdAd6xdZgNVCT98E7j4viD
vXK6yz067vBeF5Jobchh+abxKgoLpbn0nu6YMgWFnuv5gynTxix9vTp3Los3QqBq
gu07SqqUEKThDfgXxbZaeTMYkuO1dfih6Y4KJR7kHvGfWocj/5+kUZ77OYARzdu1
xKeogG/lU9Tg46LC0lsa+jImLWpXcBw8pFguo/NbSwfcMlnzh6cabVg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIRAKicluNCIKrVY1IbC+37vhUwDQYJKoZIhvcNAQELBQAw
fDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSQwIgYDVQQD
ExtTZWN0aWdvIFJTQSBDb2RlIFNpZ25pbmcgQ0EwHhcNMTkwNjEzMDAwMDAwWhcN
MjEwNjEyMjM1OTU5WjB7MQswCQYDVQQGEwJDQTEOMAwGA1UEEQwFNTU1MjYxDjAM
BgNVBAgMBUlkYWhvMQ8wDQYDVQQHDAZLYW5hdGExEzARBgNVBAkMCjE5ODggbWFy
Y2gxEjAQBgNVBAoMCXRlc3QgY3JvcDESMBAGA1UEAwwJdGVzdCBjcm9wMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6A5w8ndXAWk8+6Zx+84FRiIX+B6t
xiKp1MHk7YA90mUdoU6nX/nqZErAtLMCr3C8x1nDlKZRvpMQIZhAT30orTm2TQXE
jOD5zIpxgG0YtQEyGRcpdehviwl+IkdWltgZe4adghJKUWEKfCvnWJrnK81ppcuA
xla4A1uLXYV7PoZIDi527xZK12SC9hxKYOHlcJ/od+NsUv114KFUTGe/EGuV9TQj
/VBOeObbfeAoOJvDNSso5EXKOu/WtEdiDZ5+2oUFz4lyzQyTtUA4cikClOfd2xBD
DvmfuoPhPj+1UsdqSDbE5xS3O8eIU9rnzVAbWe7YKe7+UBq8Sg2HUqJm2QIDAQAB
o4IBhjCCAYIwHwYDVR0jBBgwFoAUDuE6qFM6MdWKvsG7rWcaA4WtNA4wHQYDVR0O
BBYEFNpOBbcvZE5tFiSfOs1nwjjWXWtIMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMB
Af8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMBEGCWCGSAGG+EIBAQQEAwIEEDBA
BgNVHSAEOTA3MDUGDCsGAQQBsjEBAgEDAjAlMCMGCCsGAQUFBwIBFhdodHRwczov
L3NlY3RpZ28uY29tL0NQUzBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnNl
Y3RpZ28uY29tL1NlY3RpZ29SU0FDb2RlU2lnbmluZ0NBLmNybDBzBggrBgEFBQcB
AQRnMGUwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGln
b1JTQUNvZGVTaWduaW5nQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5z
ZWN0aWdvLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAAAECAwQFBgcICQoLDA0ODxAR
EhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BB
QkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3Bx
cnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6Ch
oqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR
0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==
-----END CERTIFICATE-----Revoke SSL certificate by Id
Sending a request to CA to add the particular SSL certificate in certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message with a reason why certificate needs to be revoked |
[Must not be empty, Size must be between 1 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/revoke/93' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16219' \
-H 'password: Password123' \
-H 'customerUri: cst16219' \
-d '{"reasonCode":4,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentApprove SSL certificate
Approve a requested SSL certificate by Id.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
message |
String |
Short message containing accompanying information for certificate approval action |
[Must not be empty, Size must be between 1 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/approve/95' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16229' \
-H 'password: Password123' \
-H 'customerUri: cst16229' \
-d '{"message": "test"}'Example response
HTTP/1.1 204 No ContentDecline SSL certificate
Decline a requested SSL certificate by Id.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
message |
String |
Short message containing accompanying information for certificate approval action |
[Must not be empty, Size must be between 1 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/decline/138' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16321' \
-H 'password: Password123' \
-H 'customerUri: cst16321' \
-d '{"message": "test"}'Example response
HTTP/1.1 204 No ContentRevoke SSL certificate by serial number
Sending a request to CA to add the particular SSL certificate in certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Serial Number of certificate |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message with a reason why certificate needs to be revoked |
[Must not be empty, Size must be between 1 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/revoke/serial/A9:3E:C0:61:FB:1E:C0:10:73:05:65:00:8D:72:D8:69' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16214' \
-H 'password: Password123' \
-H 'customerUri: cst16214' \
-d '{"reasonCode":3,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentRenew SSL certificate by renew Id
Submission of a request for a new SSL certificate using the CSR and parameters of the initial certificate. The initial certificate is the one that is selected by the administrator for renewal in this case.
Path parameters
| Parameter | Description |
|---|---|
|
Renew ID for certificate. |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/renew/10' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16193' \
-H 'password: Password123' \
-H 'customerUri: cst16193' \
-d '{"reason": "test"}'Example response
HTTP/1.1 204 No ContentRenew SSL certificate by Id
Submission of a request for a new SSL certificate using the CSR and parameters of the initial SSL certificate. The initial certificate is defined by its ID in this case.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID. |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/renewById/86' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16188' \
-H 'password: Password123' \
-H 'customerUri: cst16188'Response fields
| Path | Type | Description |
|---|---|---|
|
|
New certificate ID |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 12
{"sslId":87}Replace SSL certificate by Id
Submission of a request for the substition of the particular SSL certificate applying its parameters and a new CSR.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID. |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
csr |
String |
Certificate signing request |
[Must match the regular expression |
reason |
String |
Short message with a reason why certificate needs to be replaced |
[Must not be empty, Size must be between 1 and 512 inclusive] |
commonName |
String |
Certificate common name |
[Size must be between 1 and 64 inclusive] |
subjectAlternativeNames |
Array |
Array of subject alternative names |
[] |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/replace/91' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16203' \
-H 'password: Password123' \
-H 'customerUri: cst16203' \
-d '{"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----","reason":"test","commonName":"ccmqa.com","subjectAlternativeNames":["mafia.od.ua"]}'Example response
HTTP/1.1 204 No ContentDelete SSL certificate by Id
Submission of a request for deleting SSL certificate for a given SSL Id.
| Only imported or discovered certificates can be deleted. |
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID. |
Example request
$ curl 'https://cert-manager.com/api/ssl/v1/66' -i -X DELETE \
-H 'Content-Type: application/json' \
-H 'login: admin_customer16055' \
-H 'password: Password123' \
-H 'customerUri: cst16055'Example response
HTTP/1.1 204 No ContentImport certificates to SCM
Import certificates to SCM
HTTPie request
$ http --form POST 'https://cert-manager.com/api/ssl/v1/import?orgId=1390' \
'file'@'certs.zip' \
'login:admin_customer16326' \
'password:Password123' \
'customerUri:cst16326' \
'orgId=1390'Example request
$ curl 'https://cert-manager.com/api/ssl/v1/import?orgId=1390' -i -X POST \
-H 'Content-Type: multipart/form-data;charset=utf-8' \
-H 'login: admin_customer16326' \
-H 'password: Password123' \
-H 'customerUri: cst16326' \
-F 'file=@certs.zip;type=application/zip' \
-F 'orgId=1390'Request parameters
| Parameter | Description |
|---|---|
|
An organization which this certificates import to |
Request parts
| Part | Description |
|---|---|
|
Zip archive with certificates to import |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 409
{"processedCount":8,"errors":["[appov_ccmqa_com_cert.cer] - SSL certificate already exists. Order number: N/A","[ccmqa_com.crt] - SSL certificate already exists. Order number: N/A","admin_ccmqa_com.p12 - Unsupported file extension","appov_ccmqa_com_interm.cer - Failed to parse certificate: Certificate is corrupted or subject basic constraint is not met","auto83_ccmqa_com.p12 - Unsupported file extension"]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of occurred errors |
|
|
Total number of processed certificates |
Client certificates
Client resource is used to perform operation on Client Certificates
Listing Client Certificate Profiles
List all Client Certificate Profiles. Previously known as a certificate type.
Request parameters
| Parameter | Description |
|---|---|
|
Filter by Organization ID (optional) |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/types?organizationId=1192' -i -X GET \
-H 'login: admin_customer15822' \
-H 'password: Password123' \
-H 'customerUri: cst15822' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of available Client Certificate Profiles |
|
|
Certificate Profile ID |
|
|
Certificate Profile name |
|
|
Use secondary organization name |
|
|
Certificate Profile description |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 163
[{"id":1715,"name":"Client cert SASP 338498520","description":"Client cert SASP -542835250","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false}]Custom fields for Client certificate
Special fields that enable the administrator to add their own identification reference(s) on Client certificates requested through SCM.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of custom fields |
|
|
Custom field id |
|
|
Custom field name |
|
|
Is field mandatory |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/customFields' -i -X GET \
-H 'login: admin_customer15798' \
-H 'password: Password123' \
-H 'customerUri: cst15798' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 46
[{"id":62,"name":"testName","mandatory":true}]Enroll Client certificate
Creation and submission of a request for a new Client certificate.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
|
csr |
String |
Certificate signing request |
|
certType |
Number |
Certificate Profile ID |
|
term |
Number |
Certificate validity period in days |
[Must be at least 1] |
String |
Person e-mail |
[Must be a well-formed email address, Must not be empty, Size must be between 0 and 128 inclusive] |
|
phone |
String |
Person telephone |
[Must match the regular expression: |
secondaryEmails |
Array |
Person secondary e-mails |
[] |
firstName |
String |
Person first name |
firstName must not be empty, firstName + ' ' + middleName + ' ' + lastName must be in range of 1 to 64 characters |
middleName |
String |
Person middle name |
firstName + ' ' + middleName + ' ' + lastName must be in range of 1 to 64 characters |
lastName |
String |
Person last name |
lastName must not be empty, firstName + ' ' + middleName + ' ' + lastName must be in range of 1 to 64 characters |
customFields |
Array |
Custom fields to be applied to requested certificate |
[] |
commonName |
String |
Person’s common name, if omitted will be constructed from Person’s full name |
[Size must be between 0 and 64 inclusive] |
eppn |
String |
EPPN |
[Size must be between 0 and 128 inclusive] |
upn |
String |
Principal name |
[Size must be between 0 and 256 inclusive] |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Obsolete parameter for the order identifier under which the certificate request has been processed. BackendCertId should be used instead. |
|
|
Certificate ID in enrolling backend |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/enroll' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15806' \
-H 'password: Password123' \
-H 'customerUri: cst15806' \
-d '{"orgId":1184,"firstName":"Name","middleName":"","lastName":"LastName","email":"name@test.net","phone":"12345678","secondaryEmails":[],"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----","certType":1705,"term":365,"customFields":[],"commonName":null,"upn":null,"eppn":"firstname@email.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 41
{"orderNumber":123,"backendCertId":"123"}Collect Client certificate
Delivering the newly issued Client certificate from CA to the administrator for download.
Path parameters
| Parameter | Description |
|---|---|
|
Order number |
Request parameters
| Parameter | Description |
|---|---|
|
Format type for certificate. Allowed values: 'x509' - for Certificate (w/ chain), PEM encoded, 'x509CO' - for Certificate only, PEM encoded, 'base64' - for PKCS#7, PEM encoded, 'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded, 'x509IOR' - for Intermediate(s)/Root only, PEM encoded, 'pem' - for Certificate (w/ chain), PEM encoded, 'pemco' - for Certificate only, PEM encoded, 'pemia' - for Certificate (w/ issuer after), PEM encoded, 'x509R' - for Certificate (w/ chain), PEM encoded, 'pkcs12' - for Certificate and Private key, PKCS#12 |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/collect/12345?format=base64' -i -X GET \
-H 'login: admin_customer15802' \
-H 'password: Password123' \
-H 'customerUri: cst15802'Example response
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="test_example_com.p7b"Renew Client certificate by order number
Submission of a request for a new Client certificate using the CSR and parameters of the initial Client certificate. The initial certificate is defined by its order number.
Path parameters
| Parameter | Description |
|---|---|
|
Order number. |
Example request
$ curl 'https://cert-manager.com/api/smime/v2/renew/order/12345' -i -X POST \
-H 'login: admin_customer15858' \
-H 'password: Password123' \
-H 'customerUri: cst15858' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 41
{"orderNumber":123,"backendCertId":"123"}Renew Client certificate by serial number
Submission of a request for a new Client certificate using the CSR and parameters of the initial Client certificate. The initial certificate is defined by its serial number.
Path parameters
| Parameter | Description |
|---|---|
|
Serial number. |
Example request
$ curl 'https://cert-manager.com/api/smime/v2/renew/serial/test:serial' -i -X POST \
-H 'login: admin_customer15862' \
-H 'password: Password123' \
-H 'customerUri: cst15862' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 41
{"orderNumber":123,"backendCertId":"123"}Replace Client certificate by order number
Submission of a request for a replace of a Client certificate using new CSR and the parameters of the initial Client certificate. The initial certificate is defined by its order number.
Path parameters
| Parameter | Description |
|---|---|
|
Order Number of certificate which you are going to replace. |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
csr |
String |
CSR related to new key pair |
[Must match the regular expression: |
reason |
String |
Short message explaining why certificate needs to be replaced |
[Must not be empty, Size must be between 1 and 512 inclusive] |
revoke |
Boolean |
Previous certificate will be revoked if true |
[Must not be null] |
Example request
$ curl 'https://cert-manager.com/api/smime/v2/replace/order/251' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15866' \
-H 'password: Password123' \
-H 'customerUri: cst15866' \
-d '{"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----","reason":"Test","revoke":false}'Example response
HTTP/1.1 204 No ContentRevoke Client certificate by order number
Sending a request to CA to add the particular Client certificate in certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Order number. |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message explaining why certificate needs to be revoked |
[Size must be between 0 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/revoke/order/12345' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15830' \
-H 'password: Password123' \
-H 'customerUri: cst15830' \
-H 'Accept: application/json' \
-d '{"reasonCode":0,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentRevoke Client certificate by serial number
Sending a request to CA to add the Client certificate under the particular serial number in certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate serial number |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message explaining why certificate needs to be revoked |
[Size must be between 0 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/revoke/serial/test:serial' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15838' \
-H 'password: Password123' \
-H 'customerUri: cst15838' \
-H 'Accept: application/json' \
-d '{"reasonCode":1,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentRevoke all Client certificates related to email
Sending a request to CA to add all Client certificates issued for the person with the particular email address in certificate revocation list.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message explaining why certificate needs to be revoked |
[Size must be between 0 and 512 inclusive] |
String |
Person e-mail address |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/revoke' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15826' \
-H 'password: Password123' \
-H 'customerUri: cst15826' \
-H 'Accept: application/json' \
-d '{"reasonCode":0,"reason":"my reason","email":"test@email"}'Example response
HTTP/1.1 204 No ContentList Client certificates by person ID
A GET request will return list of all Client certificates for a person with given ID.
V2
Path parameters
| Parameter | Description |
|---|---|
|
Person ID. |
Example request
$ curl 'https://cert-manager.com/api/smime/v2/byPersonId/1' -i -X GET \
-H 'login: admin_customer15846' \
-H 'password: Password123' \
-H 'customerUri: cst15846' \
-H 'Accept: application/json'Response body
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"},"serialNumber":"C3:DB:6F:88:E7:20:DF:99:71:70:59:FB:D0:2D:29:B0","orderNumber":12345,"backendCertId":"12345","expires":"2345-06-07"}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of Client certificate properties |
|
|
Certificate ID |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Certificate state |
|
|
Certificate order number |
|
|
Certificate serial number |
|
|
Certificate ID in enrolling backend |
|
|
Certificate expiration date |
V1
Path parameters
| Parameter | Description |
|---|---|
|
Person ID |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/byPersonId/1' -i -X GET \
-H 'login: admin_customer15818' \
-H 'password: Password123' \
-H 'customerUri: cst15818' \
-H 'Accept: application/json'Response body
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"}}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of Client certificate properties |
|
|
Certificate ID |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Certificate state |
List Client certificates by person email
A GET request will return list of all Client certificates for a person with given email.
V2
Path parameters
| Parameter | Description |
|---|---|
|
Person e-mail. Must be formatted as valid e-mail string. Also might need to be properly encoded as required by URL syntax standard. For example, the '@' character should be replaced with the %40 code, '.' - with %2E and so on. |
Example request
$ curl 'https://cert-manager.com/api/smime/v2/byPersonEmail/mailbox@domain.com' -i -X GET \
-H 'login: admin_customer15842' \
-H 'password: Password123' \
-H 'customerUri: cst15842' \
-H 'Accept: application/json'Response body
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"},"serialNumber":"C3:DB:6F:88:E7:20:DF:99:71:70:59:FB:D0:2D:29:B0","orderNumber":12345,"backendCertId":"12345","expires":"2345-06-07"}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of Client certificate properties |
|
|
Certificate ID |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Certificate state |
|
|
Certificate order number |
|
|
Certificate serial number |
|
|
Cert ID in enrolling backend |
|
|
Certificate expiration date |
V1
Path parameters
| Parameter | Description |
|---|---|
|
Person e-mail. Must be formatted as valid e-mail string. Also might need to be properly encoded as required by URL syntax standard. For example, the '@' character should be replaced with the %40 code, '.' - with %2E and so on. |
Example request
$ curl 'https://cert-manager.com/api/smime/v1/byPersonEmail/mailbox@domain.com' -i -X GET \
-H 'login: admin_customer15814' \
-H 'password: Password123' \
-H 'customerUri: cst15814' \
-H 'Accept: application/json'Response body
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"}}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of Client certificate properties |
|
|
Certificate ID |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Certificate state |
List Client certificates
A GET request will return list of all Client certificates by filter.
Example request
$ curl 'https://cert-manager.com/api/smime/v2?size=10&position=0&personId=42&keyVault=true&certTypeId=100500&serialNumber=C3DB6F88E720DF99717059FBD02D29B0&backendCertId=12345&email=user%40ccmqa.com' -i -X GET \
-H 'login: admin_customer15854' \
-H 'password: Password123' \
-H 'customerUri: cst15854' \
-H 'Accept: application/json'Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Certificate Key Vault flag filter |
|
Certificate person ID filter |
|
Certificate state filter. Possible values: ', 'blank', 'created', 'requested', 'issued', 'downloaded' - deprecated, 'expired', 'revoked', 'rejected', 'pre_revoked'' |
|
Certificate profile ID filter |
|
Certificate serial number filter |
|
Certificate backend ID filter |
|
Certificate signature algorithm filter |
|
Certificate public key algorithm filter |
|
Certificate public key size or curve name filter |
|
Certificate key usage filter |
|
Certificate extended key usage filter |
|
Certificate person email filter |
HTTP request
GET /api/smime/v2?size=10&position=0&personId=42&keyVault=true&certTypeId=100500&serialNumber=C3DB6F88E720DF99717059FBD02D29B0&backendCertId=12345&email=user%40ccmqa.com HTTP/1.1
login: admin_customer15854
password: Password123
customerUri: cst15854
Accept: application/json
Host: cert-manager.comExample response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 216
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"},"serialNumber":"C3:DB:6F:88:E7:20:DF:99:71:70:59:FB:D0:2D:29:B0","orderNumber":12345,"backendCertId":"12345","expires":"2345-06-07"}]Response body
[{"id":1,"state":"issued","certificateDetails":{"subject":"S/MIME Subject string"},"serialNumber":"C3:DB:6F:88:E7:20:DF:99:71:70:59:FB:D0:2D:29:B0","orderNumber":12345,"backendCertId":"12345","expires":"2345-06-07"}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of Client certificate properties |
|
|
Certificate ID |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
|
|
Certificate state |
|
|
Certificate order number |
|
|
Certificate serial number |
|
|
Certificate ID in enrolling backend |
|
|
Certificate expiration date |
Response headers
| Name | Description |
|---|---|
|
Contains total number of client certificates available according to the filtering applied |
Count Client certificates
A HEAD request will return count of all device certificates by filter.
Example request
$ curl 'https://cert-manager.com/api/smime/v2?personId=42&keyVault=true&certTypeId=100500&serialNumber=C3DB6F88E720DF99717059FBD02D29B0' -i -X HEAD \
-H 'login: admin_customer15850' \
-H 'password: Password123' \
-H 'customerUri: cst15850' \
-H 'Accept: application/json'Request parameters
| Parameter | Description |
|---|---|
|
Certificate Key Vault flag filter |
|
Certificate person ID filter |
|
Certificate state filter. Possible values: ', 'blank', 'created', 'requested', 'issued', 'downloaded' - deprecated, 'expired', 'revoked', 'rejected', 'pre_revoked'' |
|
Certificate profile ID filter |
|
Certificate serial number filter |
|
Certificate backend ID filter |
|
Certificate signature algorithm filter |
|
Certificate public key algorithm filter |
|
Certificate public key size or curve name filter |
|
Certificate key usage filter |
|
Certificate extended key usage filter |
|
Certificate person email filter |
HTTP request
HEAD /api/smime/v2?personId=42&keyVault=true&certTypeId=100500&serialNumber=C3DB6F88E720DF99717059FBD02D29B0 HTTP/1.1
login: admin_customer15850
password: Password123
customerUri: cst15850
Accept: application/json
Host: cert-manager.comExample response
HTTP/1.1 200 OK
X-Total-Count: 1Response headers
| Name | Description |
|---|---|
|
Contains total number of client certificates available according to the filtering applied |
Device Certificates
Device resource is used to perform operation on certificates that are issued to devices.
Device Certificate Profiles
List all Device Certificate Profiles. Previously known as a certificate type.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of available certificate profiles |
|
|
Certificate Profile ID |
|
|
Certificate Profile name |
|
|
Certificate Profile description |
|
|
First available term (in days) for the Certificate Profile |
|
|
Use secondary organization name |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
|
|
Key Usages available for the Certificate Profile |
|
|
Extended Key Usages available for the Certificate Profile |
Example request
$ curl 'https://cert-manager.com/api/device/v1/types?organizationId=379' -i -X GET \
-H 'login: admin_customer13662' \
-H 'password: Password123' \
-H 'customerUri: cst13662' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 247
[{"id":1034,"name":"Device cert SASP 859265331","description":"Device cert SASP 1304544562","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false,"term":365,"ku":["Digital Signature","Non repudiation"],"eku":["1.3.6.1.5.5.7.3.2"]}]Custom fields for Device certificate
Special fields that enable the administrator to add their own identification reference(s) on the Device certificates requested through SCM.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
An array of custom fields |
|
|
Custom field ID |
|
|
Custom field name |
|
|
Is field mandatory |
Example request
$ curl 'https://cert-manager.com/api/device/v1/customFields' -i -X GET \
-H 'login: admin_customer13667' \
-H 'password: Password123' \
-H 'customerUri: cst13667' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 46
[{"id":56,"name":"testName","mandatory":true}]Enroll Device certificate
Creation and submission of a request for a new Device certificate.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
'Must be at least 1,Must not be null' |
csr |
String |
Certificate signing request |
'Must match the regular expression: |
certType |
Number |
Certificate Profile ID |
'Must be at least 1,Must not be null' |
term |
Number |
Certificate validity period in days |
'Must be at least 1' |
customFields[] |
Array |
Custom fields to be applied to requested certificate. Must contain mandatory custom fields. |
|
customFields[].name |
String |
Name of an enabled custom field. |
[] |
customFields[].value |
String |
Value of the custom field. |
[] |
optionalFields[] |
Array |
Optional fields to be applied to requested certificate |
[] |
optionalFields[].name |
String |
Name of supported optional field. |
Must be one of the following values: [commonName, surname, countryName, localityName, stateOrProvinceName, streetAddress, organizationName, organizationalUnitName, title, description, postalCode, postOfficeBox, telephoneNumber, givenName, initials, emailAddress, DocumentoNacionaldeIdentidad, serialNumber, SIRENE, collectionEmailAddress, rfc822Name, subjectUniqueIdentifier, uniqueIdentifier, PermIdAscentMediaNetSecDept, PermIdAscentMediaEngHomeNet, sAMAccountName, userId, userPrincipalName, unstructuredName, domainComponent, dnsName, servicePrincipalName] |
optionalFields[].value |
String |
Value of the optional field. |
[] |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Obsolete parameter for the order identifier under which the certificate request has been processed. BackendCertId should be used instead. |
|
|
Cert ID in enrolling backend |
Example request
$ curl 'https://cert-manager.com/api/device/v1/enroll' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13652' \
-H 'password: Password123' \
-H 'customerUri: cst13652' \
-d '{"orgId":373,"term":1031,"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----","certType":1031,"customFields":[{"name":"custom field","value":"custom field value"}],"optionalFields":[{"name":"commonName","value":"test.example.com"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"orderNumber":13656,"backendCertId":"13656"}Collect Device certificate
Delivering the newly issued Device certificate from CA to the administrator for download.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate ID |
Request parameters
| Parameter | Description |
|---|---|
|
Format type name for certificate. If not specified, PKCS#7 Base64 encoded is default. Allowed values: 'x509' - for Certificate (w/ chain), PEM encoded, 'x509CO' - for Certificate only, PEM encoded, 'base64' - for PKCS#7, PEM encoded, 'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded, 'x509IOR' - for Intermediate(s)/Root only, PEM encoded, 'pem' - for Certificate (w/ chain), PEM encoded, 'pemco' - for Certificate only, PEM encoded, 'pemia' - for Certificate (w/ issuer after), PEM encoded, 'x509R' - for Certificate (w/ chain), PEM encoded, 'pkcs12' - for Certificate and Private key, PKCS#12 |
Example request
$ curl 'https://cert-manager.com/api/device/v1/collect/132132?format=base64' -i -X GET \
-H 'login: admin_customer13632' \
-H 'password: Password123' \
-H 'customerUri: cst13632'Example response
HTTP/1.1 200 OK
Content-Length: 3218
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="test.cert"
-----BEGIN PKCS7-----
MIIJJQYJKoZIhvcNAQcCoIIJFjCCCRICAQExADALBgkqhkiG9w0BBwGgggj6MIIF
HjCCBAagAwIBAgIQBXQwB2XNLnzRqXF67yXetTANBgkqhkiG9w0BAQsFADCBgzEL
MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKTAnBgNVBAMT
IFRlc3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE3MTEyNzAwMDAw
MFoXDTE4MTEyNzIzNTk1OVowaTELMAkGA1UECxMCSVQxFzAVBgNVBAoTDk15Q29t
cGFueSBMdGQuMQ4wDAYDVQQIEwVZb3JrczENMAsGA1UEBxMEWW9yazELMAkGA1UE
BhMCR0IxFTATBgNVBAMTDHR0LmNjbXFhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjaijCapexR3eiRTcRrJNF3jqF9msby8qRvDHK5MNJ3WMQU
HgtcxSVRItBBV9M0GM2agG/+zOCvez71n2IfMoqqouZRfBsw7DMqnVMGQVYhBfVE
Mr2fsP0BGk1SdGaoZYgACKUkjc7MbdESyJhmEvEYIBpdVHzqDU2dJ2Op1t2G7Kpb
rzpRupMqmuQybGqJlidnicFf9irDcqd22Koih9TjfKM/4ZYMCBs3fv0bZVyM9Alh
lOEMFj1ytmcGLHa5ojnX1lLT4xjZNFaJJv9ZwNYAA+YkE29q7uJZINPcTf+CfqUe
UEWdq5cBiAPoPMrtsHimfLEvf3UmRxKhzNYEv6kCAwEAAaOCAaUwggGhMB8GA1Ud
IwQYMBaAFIaGHcsGJX0nAVdr5Wo40OREr5MyMB0GA1UdDgQWBBTXOsPzzx5rZ2/g
MmTvN+0y0Ys3XTAOBgNVHQ8BAf8EBAMCA/gwDAYDVR0TAQH/BAIwADAdBgNVHSUE
FjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwEQYJYIZIAYb4QgEBBAQDAgWgMEYGA1Ud
IAQ/MD0wOwYMKwYBBAGyMQECAQMFMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2Vj
dXJlLmNvbW9kby5uZXQvQ1BTMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly9jcmwu
Y29tb2RvY2EuY29tL1Rlc3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB7
BggrBgEFBQcBAQRvMG0wRQYIKwYBBQUHMAKGOWh0dHA6Ly9jcnQuY29tb2RvY2Eu
Y29tL1Rlc3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNydDAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAA
AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8w
MTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9g
YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+Q
kZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/A
wcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w
8fLz9PX29/j5+vv8/f7/MIID1DCCArygAwIBAgIQHpFpjHVf56b6C+OC9siGTDAN
BgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIg
TWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENB
IExpbWl0ZWQxKTAnBgNVBAMTIFRlc3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9y
aXR5MB4XDTE0MDEwMTAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgYMxCzAJBgNVBAYT
AkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZv
cmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSkwJwYDVQQDEyBUZXN0IFJT
QSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL/ZSIMZBY4Ifq5oXcdSPDa5ArrYahP4qhO9aES9jT7TEr5tpNIQ
QP044h+3MGc7Cgf17OYSqpd4WvvhgUCkc8XDda3JgKEgCaHfnjgynBtXk6JP8stM
IuKPZS9WcEQSKB7JPOnjaHdBkLRfbuSu0y7he9IoibiSCIU5mJ8T6QNd5wEWBp4j
gRQWnLBXtJENtCzcU5j2sPh0gZUFjlu1V3Cc8JUENzDpMpjtxNYHtbL68BFXcWvy
7hrqnE4eNM5K3DfEacdrvFgIQNfCMc4KEh2DFzDoCZpchDLhVGrYrTObG4D/RR0o
T2QuFqbaiatLcG/armNUgb+4VH1R/HOQaf0CAwEAAaNCMEAwHQYDVR0OBBYEFIaG
HcsGJX0nAVdr5Wo40OREr5MyMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD
AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCeQAWeNNtsKuUt5V9JifMy2AduOcK7lndh
M24L8KG86o7aoye1QDqMfFmUrFo7nDVno6G013PnRo97BcrVPoMVB66TP5LywOrL
rVoiIF9I5OD4BrtgvrRtlT3iMZwxjzU19lgEcLs+sJZhug2eDKAjp0PaJ40Wg5sn
o3CRq/urYgtIAiFdxgMBefK0Ejivos5RLDzmHjA/Wo+jFMfXvdP6RxVmz7Nxfcws
I+sOSWmb60dZlaC1yVZ0PbD2DFj7yEnW94p86d7Thmv6ksaqbOeWdJErnYJkqXPB
0wSazHQeQHjWp91j4ZwlYRhZQfovwiRi601iWNNE7hPrMb87FkvyMQA=
-----END PKCS7-----Revoke Device certificate by order number
Sending a request to CA to add the Device certificate under the particular order number to certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate Order Number |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message explaining why certificate needs to be revoked |
[Size must be between 0 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/device/v1/revoke/order/125546' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13724' \
-H 'password: Password123' \
-H 'customerUri: cst13724' \
-d '{"reasonCode":4,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentRevoke Device certificate by serial number
Sending a request to CA to add the Device certificate under the particular serial number to certificate revocation list.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate Serial Number |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
reasonCode |
Number |
Revocation reason code to be put to CRL (Mozilla Root Store Policy 2.8 section 6.1.1) Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5)) |
[Allowed ranges 0,1 and 3-5] |
reason |
String |
Short message explaining why certificate needs to be revoked |
[Size must be between 0 and 512 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/device/v1/revoke/serial/A7:35:E0:9A:D6:D1:C0:CC:56:EA:6C:D0:E3:97:B6:D9' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13739' \
-H 'password: Password123' \
-H 'customerUri: cst13739' \
-d '{"reasonCode":4,"reason":"my reason"}'Example response
HTTP/1.1 204 No ContentRenew Device certificate by order number
Submission of a request for a new Device certificate using the CSR and parameters of the initial Device certificate. The initial certificate is defined by its order number.
Path parameters
| Parameter | Description |
|---|---|
|
Order Number of certificate which you are going to renew. |
Example request
$ curl 'https://cert-manager.com/api/device/v1/renew/order/12345' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13677' \
-H 'password: Password123' \
-H 'customerUri: cst13677'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"orderNumber":13681,"backendCertId":"13681"}Renew Device certificate by serial number
Submission of a request for a new Device certificate using the CSR and parameters of the initial Device certificate. The initial certificate is defined by its serial number.
Path parameters
| Parameter | Description |
|---|---|
|
Serial Number of certificate which you are going to renew. |
Example request
$ curl 'https://cert-manager.com/api/device/v1/renew/serial/A7:35:E0:9A:D6:D1:C0:CC:56:EA:6C:D0:E3:97:B6:D9' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13704' \
-H 'password: Password123' \
-H 'customerUri: cst13704'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"orderNumber":13708,"backendCertId":"13708"}Replace Device certificate by order number
Submission of a request for a replace of a Device certificate using new CSR and the parameters of the initial Device certificate. The initial certificate is defined by its order number.
Path parameters
| Parameter | Description |
|---|---|
|
Order Number of certificate which you are going to replace. |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
csr |
String |
Certificate signing request related to new key pair |
[Must match the regular expression: |
reason |
String |
Short message explaining why certificate needs to be replaced |
[Must not be empty, Size must be between 1 and 512 inclusive] |
revoke |
Boolean |
Previous certificate will be revoked if true |
[Must not be null] |
Example request
$ curl 'https://cert-manager.com/api/device/v1/replace/order/252' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13714' \
-H 'password: Password123' \
-H 'customerUri: cst13714' \
-d '{"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC4jCCAcoCAQAwdDELMAkGA1UEBhMCVUExDTALBgNVBAgTBHRlc3QxDTALBgNV\nBAcTBHRlc3QxDTALBgNVBAoTBHRlc3QxDTALBgNVBAsTBHRlc3QxEjAQBgNVBAMT\nCWNjbXFhLmNvbTEVMBMGCSqGSIb3DQEJARYGdGVzdEB0MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAul8SGkicOnrMjJDvgG8P2j1Ee5hY6ww+qSoe0oI2\ntvRcLBknPHMMAkxTjW9fy80wD8hyrnc+IGlQcq2R/tEMIJHRsJD603M+2FjAwlP9\n8xtiqv0hMyHO4fEt+HMyy8Q367aTBmnZCuAxJZJapfFW9wH5jGZxuX8mnrXVsBTD\n4ZBO4UFd9P4u8P0nJx80CiuDt4COSDl6Br4pNLciPVqfwj7LQ5/skwPkNCggk3/G\nxoQX/3FV7O4fC6WCxVP1uYjJVQjlD1Tf06hPNfonVfThVuP20OL3QAlnIF3lZiyY\nJ5etdFtu+BKcPNMdQDJOS/O4Zz0YJn6K2HdAXSc1YxYniwIDAQABoCkwJwYJKoZI\nhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF\nAAOCAQEAVJVTTELGHWoRh8JZt+kx/zO0VnibBq/D6uB405L+Ir80X48Ei9hTLB11\nAqhSBE+AbEgBhRnEIDBjiXEDcWvC532Omex721kc17ZTzowuD8lOjfQkTHbAmjIi\nnCQNFAPf0D/zpi6Eync5pi2P//Uj/Yn7oDYYli1t61EZwuQyEu4mbQ1efUnU/SOl\nAAQtDPhNwATZPmfefjM8+YuzhG70dQvmFAClcFayKM92Zx9khDd/VnLT85YzDULJ\n8iiHW8dZNblaTsUjKrc73iX2hONZIxw6B3tGCFs8mH9lZlExV7Y2er3t/lO1pdxe\nSUohEELWcttIxyWnYgxvwaWX4lfx9A==\n-----END CERTIFICATE REQUEST-----","reason":"Test","revoke":false}'Example response
HTTP/1.1 204 No ContentGet list of device certificates
Enables the administrator to get list of existing device certificates.
Example request
$ curl 'https://cert-manager.com/api/device/v1?size=10&position=0&commonName=34356576543tnl54hgnu49u90g&email=Someone%40nobody.comodo.od.ua&status=APPROVED&certTypeId=1036' -i -X GET \
-H 'login: admin_customer13672' \
-H 'password: Password123' \
-H 'customerUri: cst13672'Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Certificate common name filter |
|
Certificate requester email filter |
|
Certificate status filter. Possible values: ', 'AWAITING_APPROVAL', 'APPROVED', 'DECLINED', 'APPLIED', 'ISSUED', 'DOWNLOADED' - deprecated, 'EXPIRED', 'REVOKED', 'REJECTED'' |
|
Certificate organization ID filter |
|
Certificate profile ID filter |
|
Certificate serial number filter |
|
Certificate backend ID filter |
|
Certificate signature algorithm filter |
|
Certificate public key algorithm filter |
|
Certificate public key size or curve name filter |
|
Certificate key usage filter |
|
Certificate extended key Usage filter |
HTTP request
GET /api/device/v1?size=10&position=0&commonName=34356576543tnl54hgnu49u90g&email=Someone%40nobody.comodo.od.ua&status=APPROVED&certTypeId=1036 HTTP/1.1
login: admin_customer13672
password: Password123
customerUri: cst13672
Host: cert-manager.comExample response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 154
[{"id":76,"status":"APPROVED","backendCertId":"13676","certificateDetails":{"subject":"C=UA,ST=Odessa,L=Odessa,O=Test,OU=Test,CN=Test,E=test@test.test"}}]Response body
[{"id":76,"status":"APPROVED","backendCertId":"13676","certificateDetails":{"subject":"C=UA,ST=Odessa,L=Odessa,O=Test,OU=Test,CN=Test,E=test@test.test"}}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested device certificates |
|
|
Certificate ID |
|
|
Certificate ID in enrolling backend |
|
|
Certificate status |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
Response headers
| Name | Description |
|---|---|
|
Contains total number of device certificates available according to the filtering applied |
Get count of device certificates
Enables the administrator to get count of existing device certificates.
Example request
$ curl 'https://cert-manager.com/api/device/v1?commonName=34356576543tnl54hgnu49u90g&orgId=372&status=APPROVED' -i -X HEAD \
-H 'login: admin_customer13647' \
-H 'password: Password123' \
-H 'customerUri: cst13647'Request parameters
| Parameter | Description |
|---|---|
|
Certificate common name filter |
|
Certificate requester email filter |
|
Certificate status filter. Possible values: ', 'AWAITING_APPROVAL', 'APPROVED', 'DECLINED', 'APPLIED', 'ISSUED', 'DOWNLOADED' - deprecated, 'EXPIRED', 'REVOKED', 'REJECTED'' |
|
Certificate organization ID filter |
|
Certificate profile ID filter |
|
Certificate serial number filter |
|
Backend certificate ID filter |
|
Certificate signature algorithm filter |
|
Certificate public key algorithm filter |
|
Certificate public key size or curve name filter |
|
Certificate key usage filter |
|
Certificate extended key Usage filter |
HTTP request
HEAD /api/device/v1?commonName=34356576543tnl54hgnu49u90g&orgId=372&status=APPROVED HTTP/1.1
login: admin_customer13647
password: Password123
customerUri: cst13647
Host: cert-manager.comExample response
HTTP/1.1 200 OK
X-Total-Count: 1Response headers
| Name | Description |
|---|---|
|
Contains total number of device certificates available according to the filtering applied |
Get details of device certificate
Enables the administrator to get details of existing device certificate.
Example request
$ curl 'https://cert-manager.com/api/device/v1/67' -i -X GET \
-H 'login: admin_customer13627' \
-H 'password: Password123' \
-H 'customerUri: cst13627'HTTP request
GET /api/device/v1/67 HTTP/1.1
login: admin_customer13627
password: Password123
customerUri: cst13627
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
Certificate ID. |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 541
{"commonName":"34356576543tnl54hgnu49u90g","id":67,"orgId":360,"status":"Approved","orderNumber":13631,"backendCertId":"13631","certType":{"id":1026,"name":"Test device type","description":"Device cert profile","terms":[365],"keyTypes":{"RSA":["2048"]},"useSecondaryOrgName":false},"term":365,"requester":"Someone@nobody.comodo.od.ua","requested":"03/07/2023","expires":"03/06/2024","keyAlgorithm":"RSA","keySize":2048,"keyType":"RSA - 2048","certificateDetails":{"subject":"C=UA,ST=Odessa,L=Odessa,O=Test,OU=Test,CN=Test,E=test@test.test"}}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Certificate common name |
|
|
An ID using which this certificate can be revoked through Enrollment form |
|
|
An organization which this certificate is associated with |
|
|
The status of this certificate |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
Information about Certificate Profile this certificate was enrolled from |
|
|
Certificate Profile ID |
|
|
Use secondary organization name |
|
|
Certificate Profile name |
|
|
Certificate Profile description |
|
|
Terms (in days) available for the Certificate Profile |
|
|
Key types available for the Certificate Profile |
|
|
Term (days) |
|
|
The approver of the request for this certificate |
|
|
Requester |
|
|
Requested date |
|
|
Approved date |
|
|
Expiration date |
|
|
Key algorithm (deprecated, see "keyType") |
|
|
Key size (deprecated, see "keyType") |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
SSL Serial Number |
|
|
Custom fields |
|
|
Custom field name |
|
|
Custom field value |
|
|
Certificate details |
|
|
The subject of the issuing CA certificate |
|
|
The subject of CA certificate |
|
|
The subject alternative names of the issuing CA certificate |
|
|
The MD5 fingerprint of CA certificate |
|
|
The SHA1 fingerprint of CA certificate |
Code Signing on Demand
The Code Signing on Demand (CSoD) API integrates the CSoD service and automation systems (such as Jenkins, TeamCity, Puppet, PerlScript) to provide an end-to-end, automated code signing platform.
Code signing requests are submitted by developers and approved by administrators. The code signing request must first be created, the files uploaded and the request submitted. The request needs to be approved by an administrator. Once approved, the request is completed automatically and the digitally signed files can be downloaded.
In addition to complete files it is possible to just sign hashes. Place the hash in a file with an md5 or sha extension and specify the HASH_SUM siging type when creating the request.
Developer resources
A developer is a special type of user allowed to use the CsoD service to digitally sign files. These API methods require the Developer Login authentication style.
Create code signing request
The code signing request must first be created by a developer. The creation returns a request ID and an URL to upload the file to be signed.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
organizationId |
Number |
Organization ID |
|
version |
String |
A free form field that can be used to provide file verson information if required |
Should not be empty |
algorithms |
String |
Hashing algorithm to use. Multiple comma separated values are possible if the file signing type supports it |
Supported values are: MD5, SHA1, SHA256, SHA384, SHA512 |
signingType |
String |
Type of file(s) to sign. All uploaded files must be of the same type |
Supported values are: MICROSOFT_AUTHENTICODE, JAVA, MICROSOFT_OFFICE_AND_VBA, WINDOWS_PHONE_AND_XBOX, ANDROID, HASH_SUM, POWERSHELL |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID for created request |
|
|
URL to upload files for signing |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/developer' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'email: test@email' \
-H 'password: 123' \
-H 'customerUri: cst13380' \
-d '{"organizationId":224,"version":"1","algorithms":"sha384","signingType":"java"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 96
{"requestId":5,"uploadUrl":"https://host:123/path?token=U6K3AMSCCGKUDL48OTEBGBOING&requestId=5"}Additional notes
Certificate Manager 19.10 contains a bug in that the uploadUrl response field is incorrect. The URL needs to have the requestId added as a URL parameter. Look at the Example response above.
Upload files
The files to be digitally signed must be uploaded to the URL returned when the code signing request was created. The upload takes the form of a POST with a multipart/form-data content type. If uploading multiple files, the keys just need to be unique, i.e. file1, file2.
Example request
$ curl -F 'file1=@filename' https://agenthost/path?token=L1P1J62D3ALTVB67M511T5CL73&requestId=5Example response
HTTP/1.1 204 No ContentAdditional Notes
The hosted code signing agent by default will use a self-signed certificate so the upload may require extra handling. For example if using curl you can specify the --insecure flag.
Submit signing request
After the files have been uploaded the signing request is submitted. The request must then be approved by before it is completed. Requests are approved by an administrator.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
requestId |
Number |
Request ID returned when request created |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/developer' -i -X PUT \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'email: test@email' \
-H 'password: 123' \
-H 'customerUri: cst13416' \
-d '{"requestId":1}'Example response
HTTP/1.1 204 No ContentGet code signing request count
Enables the developer to get the number of code signing requests created by them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Requests count |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/developer/count' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'email: test@email' \
-H 'password: 123' \
-H 'customerUri: cst13376'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 11
{"count":1}Get list of submitted requests
Enables the developer to get the code signing requests IDs created by them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of request IDs |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/developer/?size=1&position=10' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'email: test@email' \
-H 'password: 123' \
-H 'customerUri: cst13412'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 3
[2]Get code signing request details
Enables the developer to get the code signing requests IDs created by them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Developer email address |
|
|
Organization name |
|
|
Department name. Optional |
|
|
Name of the person who approved operation |
|
|
Value provided when creating request |
|
|
Type of file(s), possible values are: MICROSOFT_AUTHENTICODE, JAVA, MICROSOFT_OFFICE_AND_VBA, WINDOWS_PHONE_AND_XBOX, ANDROID, HASH_SUM, POWERSHELL |
|
|
Creation date |
|
|
State of request, posible values are: INIT, CREATED, IN_PROGRESS, DECLINED, SIGNED, EXPIRED, FAILED |
|
|
Array of applied hash algorithms |
|
|
Array of signed files |
|
|
File name |
|
|
URL to download the digitally signed file from. The process of downloading does involve a redirect to the code signing agent |
|
|
File size |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/developer/1' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'email: test@email' \
-H 'password: 123' \
-H 'customerUri: cst13404'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 358
{"developerEmail":"test@email","organization":"org4Test","approver":"test ","version":"1","digestAlgorithms":["SHA256"],"signingService":"MICROSOFT_AUTHENTICODE","created":"03/07/2023 20:05:42 GMT","state":"SIGNED","files":[{"name":"test.msi","downloadUrl":"https://cert-manager.com/customer/cst13404/csfile/69d026b4-742a-49e6-8cfb-b808348c1d6b","size":10}]}Administrator resources
An administrator is a Certificate Manager user with privileges to approve code signing requests.
Approve code signing request
Enables the administrators to permit execution of the developer’s code signing request.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
requestId |
Number |
Request ID to be approved |
|
comment |
String |
Short message about approval |
None |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/admin/approve' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13364' \
-H 'password: Password123' \
-H 'customerUri: cst13364' \
-d '{"requestId":1,"comment":"Test"}'Example response
HTTP/1.1 204 No ContentDecline code signing request
Enables the administrators to decline execution of the developer’s code signing request.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
requestId |
Number |
Request ID to be declined |
|
comment |
String |
Short message about decline |
None |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/admin/decline' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13388' \
-H 'password: Password123' \
-H 'customerUri: cst13388' \
-d '{"requestId":1,"comment":"Test"}'Example response
HTTP/1.1 204 No ContentGet code signing request count
Enables the administrator to get the number of the code signing requests submitted and assigned to the organization(s) or department(s) that are delegated to them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Requests count |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/admin/count' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13372' \
-H 'password: Password123' \
-H 'customerUri: cst13372'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 11
{"count":2}Get list of submitted requests
Enables the administrator to get the code signing requests IDs submitted and assigned to the organization(s) or department(s) that are delegated to them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of request IDs |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/admin/?size=1&position=10' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13408' \
-H 'password: Password123' \
-H 'customerUri: cst13408'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 5
[2,3]Get code signing request details
Enables the administrator to get the code signing request details by its ID.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Developer email address |
|
|
Organization name |
|
|
Department name. Optional |
|
|
Name of the person who approved operation |
|
|
Value provided when creating request |
|
|
Type of file(s), possible values are: MICROSOFT_AUTHENTICODE, JAVA, MICROSOFT_OFFICE_AND_VBA, WINDOWS_PHONE_AND_XBOX, ANDROID, HASH_SUM, POWERSHELL |
|
|
Creation date |
|
|
State of request, posible values are: INIT, CREATED, IN_PROGRESS, DECLINED, SIGNED, EXPIRED, FAILED |
|
|
Array of applied hash algorithms |
|
|
Array of signed files |
|
|
File name |
|
|
URL to download the digitally signed file from. The process of downloading does involve a redirect to the code signing agent |
|
|
File size |
Example request
$ curl 'https://cert-manager.com/api/csod/v1/requests/admin/1' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13400' \
-H 'password: Password123' \
-H 'customerUri: cst13400'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 358
{"developerEmail":"test@email","organization":"org4Test","approver":"test ","version":"1","digestAlgorithms":["SHA256"],"signingService":"MICROSOFT_AUTHENTICODE","created":"03/07/2023 20:05:42 GMT","state":"SIGNED","files":[{"name":"test.msi","downloadUrl":"https://cert-manager.com/customer/cst13400/csfile/69d026b4-742a-49e6-8cfb-b808348c1d6b","size":10}]}Domain control validation resource
Any domain added to SCM must pass Domain Control Validation (DCV) before Sectigo can issue certificates to it. DCV is a procedure of validation of the Applicant’s control of the domain which needs to appear in the subject of the certificate. This resource is used to perform DCV.
Start validation HTTP
Start Domain Control Validation using HTTP method.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
URL |
|
|
First line |
|
|
Second line |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/start/domain/http' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16470' \
-H 'password: Password123' \
-H 'customerUri: cst16470' \
-d '{"domain":"ccmqa.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 196
{"url":"http://ccmqa.com/.well-known/pki-validation/89AE81C40CE8BCD629A9955DAB0CA31E.txt","firstLine":"464ed6ba4fde47b757d6d719155d161d7880131484cb9bc639291c61110c50ff","secondLine":"sectigo.com"}Start validation HTTPS
Start Domain Control Validation using HTTPS method.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
URL |
|
|
First line |
|
|
Second line |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/start/domain/https' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16478' \
-H 'password: Password123' \
-H 'customerUri: cst16478' \
-d '{"domain":"ccmqa.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 197
{"url":"https://ccmqa.com/.well-known/pki-validation/89AE81C40CE8BCD629A9955DAB0CA31E.txt","firstLine":"464ed6ba4fde47b757d6d719155d161d7880131484cb9bc639291c61110c50ff","secondLine":"sectigo.com"}Start validation CName
Start Domain Control Validation using CName method.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Host |
|
|
Point |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/start/domain/cname' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16454' \
-H 'password: Password123' \
-H 'customerUri: cst16454' \
-d '{"domain":"ccmqa.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 144
{"host":"_89ae81c40ce8bcd629a9955dab0ca31e.ccmqa.com.","point":"464ed6ba4fde47b757d6d719155d161d.7880131484cb9bc639291c61110c50ff.sectigo.com."}Start validation email
Start Domain Control Validation using Email method.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of e-mails |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/start/domain/email' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16462' \
-H 'password: Password123' \
-H 'customerUri: cst16462' \
-d '{"domain":"ccmqa.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 155
{"emails":["admin@ccmqa.com","administrator@ccmqa.com","hostmaster@ccmqa.com","postmaster@ccmqa.com","webmaster@ccmqa.com","domain-admin@comodogroup.com"]}Submit validation HTTP
Submit a request for Domain Control Validation using HTTP method.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain to validate |
[Must not be empty, Size must be between 0 and 255 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/submit/domain/http' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16470' \
-H 'password: Password123' \
-H 'customerUri: cst16470' \
-d '{"domain":"ccmqa.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Order status |
|
|
Message |
|
|
Status |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
{"status":"VALIDATED","orderStatus":"SUBMITTED","message":"Submitted successfully"}Submit validation HTTPS
Submit a request for Domain Control Validation using HTTPS method.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain to validate |
[Must not be empty, Size must be between 0 and 255 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/submit/domain/https' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16478' \
-H 'password: Password123' \
-H 'customerUri: cst16478' \
-d '{"domain":"ccmqa.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Order status |
|
|
Message |
|
|
Status |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
{"status":"VALIDATED","orderStatus":"SUBMITTED","message":"Submitted successfully"}Submit validation CName
Submit a request for Domain Control Validation using CName method.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain to validate |
[Must not be empty, Size must be between 0 and 255 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/submit/domain/cname' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16454' \
-H 'password: Password123' \
-H 'customerUri: cst16454' \
-d '{"domain":"ccmqa.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Order status |
|
|
Message |
|
|
Status |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
{"status":"VALIDATED","orderStatus":"SUBMITTED","message":"Submitted successfully"}Submit validation email
Submit a request for Domain Control Validation using Email method.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain to validate |
[Must not be empty, Size must be between 0 and 255 inclusive] |
String |
[Must be a well-formed email address, Must not be empty] |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/submit/domain/email' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16462' \
-H 'password: Password123' \
-H 'customerUri: cst16462' \
-d '{"domain":"ccmqa.com","email":"email@ccmqa.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Order status |
|
|
Message |
|
|
Status |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
{"status":"VALIDATED","orderStatus":"SUBMITTED","message":"Submitted successfully"}Get validation status
Obtain the result of Domain Control Validation procedure as a validation status of the subject domain.
V2
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain which status is requested |
[Must not be empty, Size must be between 0 and 255 inclusive] |
HTTP request
POST /api/dcv/v2/validation/status HTTP/1.1
Content-Type: application/json;charset=utf-8
login: admin_customer16486
password: Password123
customerUri: cst16486
Accept: application/json
Content-Length: 23
Host: cert-manager.com
{"domain":"ccmdev.com"}Example request
$ curl 'https://cert-manager.com/api/dcv/v2/validation/status' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16486' \
-H 'password: Password123' \
-H 'customerUri: cst16486' \
-H 'Accept: application/json' \
-d '{"domain":"ccmdev.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Validation status |
|
|
Validation order status |
|
|
Validation expiration date |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 76
{"status":"EXPIRED","orderStatus":"SUBMITTED","expirationDate":"2023-03-06"}V1
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domain |
String |
Domain to validate |
[Must not be empty, Size must be between 0 and 255 inclusive] |
HTTP request
POST /api/dcv/v1/validation/status HTTP/1.1
Content-Type: application/json;charset=utf-8
login: admin_customer16374
password: Password123
customerUri: cst16374
Content-Length: 22
Host: cert-manager.com
{"domain":"ccmqa.com"}Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/status' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16374' \
-H 'password: Password123' \
-H 'customerUri: cst16374' \
-d '{"domain":"ccmqa.com"}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Validation status |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 22
{"status":"VALIDATED"}Search domains
Obtain the result of Domain Control Validation procedure as a validation statuses.
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
Domain |
|
Organization ID |
|
Department ID |
|
DCV Status |
|
DCV Order status |
|
Expires in (days) |
HTTP request
GET /api/dcv/v1/validation?size=10&position=0&org=&department=&domain=ccmqa.com&expiresIn=&dcvStatus=&orderStatus=&org=&department=&expiresIn=&dcvStatus=&orderStatus= HTTP/1.1
login: admin_customer16382
password: Password123
customerUri: cst16382
Accept: application/json
Host: cert-manager.comExample request
$ curl 'https://cert-manager.com/api/dcv/v1/validation?size=10&position=0&org=&department=&domain=ccmqa.com&expiresIn=&dcvStatus=&orderStatus=&org=&department=&expiresIn=&dcvStatus=&orderStatus=' -i -X GET \
-H 'login: admin_customer16382' \
-H 'password: Password123' \
-H 'customerUri: cst16382' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of DCV domains |
|
|
Domain |
|
|
DCV Status |
|
|
DCV Order status |
|
|
DCV Method |
|
|
DCV Expiration date |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 265
[{"domain":"ccmqa.com","dcvStatus":"VALIDATED","dcvOrderStatus":"NOT_INITIATED","dcvMethod":"EMAIL","expirationDate":"2023-03-08"},{"domain":"www.ccmqa.com","dcvStatus":"VALIDATED","dcvOrderStatus":"NOT_INITIATED","dcvMethod":"EMAIL","expirationDate":"2023-03-08"}]Clear validation
Enables the administrator to reset the parameters of a request for DCV and drop Domain validation Status and DCV Order Status of the domain to the initial values.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Order status |
|
|
Message |
|
|
Status |
Example request
$ curl 'https://cert-manager.com/api/dcv/v1/validation/clear' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer16366' \
-H 'password: Password123' \
-H 'customerUri: cst16366' \
-d '{"domain":"ccmqa.com"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 119
{"status":"VALIDATED","orderStatus":"NOT_INITIATED","message":"DCV status: VALIDATED; DCV order status: NOT_INITIATED"}Custom field resource
Create custom field
Enables the administrator to create the custom field for a particular type of certificate.
V2
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Custom field name |
[Must not be blank, Size must be between 0 and 256 inclusive] |
mandatories |
Array |
List of access methods for which this field is mandatory |
Possible values: ADMIN_UI, REST_API, SOAP_API, WEB_FORM |
certType |
String |
Custom field certificate type |
Possible values: ssl, smime, device |
state |
String |
State |
[] |
Example request
$ curl 'https://cert-manager.com/api/customField/v2' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13494' \
-H 'password: Password123' \
-H 'customerUri: cst13494' \
-d '{"name":"test","certType":"ssl","state":"ACTIVE","mandatories":["ADMIN_UI","REST_API","SOAP_API","WEB_FORM"]}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/customField/v2/-1V1
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Custom field ID |
|
|
Custom field name |
|
|
Custom field mandatory attribute |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v1' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13474' \
-H 'password: Password123' \
-H 'customerUri: cst13474' \
-d '{"name":"test","mandatory":true,"certType":"ssl","state":"ACTIVE"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 74
{"id":-1,"name":"test","mandatory":true,"certType":"ssl","state":"ACTIVE"}Custom field details
Enables the administrator to get details for a particular custom field by ID.
V2
Path parameters
| Parameter | Description |
|---|---|
|
ID of custom field whose details are being requested |
Example request
$ curl 'https://cert-manager.com/api/customField/v2/100500' -i -X GET \
-H 'Accept: application/json' \
-H 'login: admin_customer13502' \
-H 'password: Password123' \
-H 'customerUri: cst13502'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 121
{"id":100500,"name":"test","certType":"ssl","state":"ACTIVE","mandatories":["ADMIN_UI","REST_API","SOAP_API","WEB_FORM"]}Get custom fields
Enables the administrator to get the list of all existing custom fields with their details.
V2
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of custom fields |
|
|
Custom field ID |
|
|
Custom field name |
|
|
List of access methods for which this field is mandatory |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v2' -i -X GET \
-H 'login: admin_customer13506' \
-H 'password: Password123' \
-H 'customerUri: cst13506' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 126
[{"id":101,"name":"Test field","certType":"ssl","state":"ACTIVE","mandatories":["ADMIN_UI","REST_API","SOAP_API","WEB_FORM"]}]V1
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of custom fields |
|
|
Custom field ID |
|
|
Custom field name |
|
|
Custom field mandatory attribute |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v1' -i -X GET \
-H 'login: admin_customer13482' \
-H 'password: Password123' \
-H 'customerUri: cst13482' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
[{"id":101,"name":"Test field","mandatory":true,"certType":"ssl","state":"ACTIVE"}]Get custom fields by Certificate Profile
Enables the administrator to get the list of all custom fields with their details existing for a particular type of certificate.
V2
Request parameters
| Parameter | Description |
|---|---|
|
Certificate type. Possible values: [SMIME, SSL, Device] |
Example request
$ curl 'https://cert-manager.com/api/customField/v2/?certType=SSL' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13510' \
-H 'password: Password123' \
-H 'customerUri: cst13510'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 126
[{"id":101,"name":"Test field","certType":"ssl","state":"ACTIVE","mandatories":["ADMIN_UI","REST_API","SOAP_API","WEB_FORM"]}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Custom field ID |
|
|
Custom field name |
|
|
List of access methods for which this field is mandatory |
|
|
Custom field certificate type |
|
|
State |
V1
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Custom field ID |
|
|
Custom field name |
|
|
Custom field mandatory attribute |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v1/ssl' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13486' \
-H 'password: Password123' \
-H 'customerUri: cst13486'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 83
[{"id":101,"name":"Test field","mandatory":true,"certType":"ssl","state":"ACTIVE"}]Update custom fields
Allows the administrator to edit the custom field.
V2
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Custom field ID |
|
|
Custom field name |
|
|
List of access methods for which this field is mandatory |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v2' -i -X PUT \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13514' \
-H 'password: Password123' \
-H 'customerUri: cst13514' \
-d '{"id":101,"name":"Test field","certType":"ssl","state":"ACTIVE","mandatories":[]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 81
{"id":101,"name":"Test field","certType":"ssl","state":"ACTIVE","mandatories":[]}V1
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Custom field ID |
|
|
Custom field name |
|
|
Custom field mandatory attribute |
|
|
Custom field certificate type |
|
|
State |
Example request
$ curl 'https://cert-manager.com/api/customField/v1' -i -X PUT \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13490' \
-H 'password: Password123' \
-H 'customerUri: cst13490' \
-d '{"id":101,"name":"Test field","mandatory":true,"certType":"ssl","state":"ACTIVE"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 81
{"id":101,"name":"Test field","mandatory":true,"certType":"ssl","state":"ACTIVE"}Delete custom fields
Allows the administrator to delete the custom field which is no longer needed.
V2
Path parameters
| Parameter | Description |
|---|---|
|
Custom field ID |
Example request
$ curl 'https://cert-manager.com/api/customField/v2/1' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'Accept: application/json' \
-H 'login: admin_customer13498' \
-H 'password: Password123' \
-H 'customerUri: cst13498'Example response
HTTP/1.1 204 No ContentV1
Path parameters
| Parameter | Description |
|---|---|
|
Custom field ID |
Example request
$ curl 'https://cert-manager.com/api/customField/v1/1' -i -X DELETE \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'login: admin_customer13478' \
-H 'password: Password123' \
-H 'customerUri: cst13478'Example response
HTTP/1.1 204 No ContentDiscovery resource
Add the following introduction under the 'Discovery resource':
The Discovery API automates frequently performed operations to accelerate certificate discovery for customers with dynamically changing IP ranges.
The 'Tasks' resource contains information about planned discovery scans. A task comprises general information (task name, agent, ranges to scan), assignment rules, scan schedule, and has a 'Status' parameter.
Add network scan task
Enables administrators to create a scan task for the private and/or public network(s) in search of SSL certificates.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Task name |
[Must not be empty, Size must be between 1 and 256 inclusive] |
agent |
String |
Agent name |
[Must not be empty] |
ranges |
Array |
Array of ranges |
[Must not be empty] |
ranges[].address |
String |
Range address |
|
ranges[].ports |
String |
Range port |
|
certBucketId |
String |
Id of the bucket to which this task will be applied |
[Must not be null] |
frequency |
String |
Task frequency |
[Must not be empty] |
timeZone |
String |
Time zone |
[Must not be empty] |
time |
Object |
Time |
[Must not be null] |
time.hours |
Number |
Hours |
[] |
time.minutes |
Number |
Minutes |
[] |
month |
Number |
Month |
[Must be at most 11] |
dayOfMonth |
Number |
Day of month |
[Must be at most 30] |
dayOfWeek |
Number |
Day of week |
[Must be at most 6] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14186' \
-H 'password: Password123' \
-H 'customerUri: cst14186' \
-d '{"name":"AQWTSQGCZTMDANKYJQDDUOTWYTEDFQMQ","agent":"org4Testzai02","certBucketId":"f258ef72-7cfd-439a-825b-605bf98adcda","ranges":[{"address":"92.115.4.177/32","ports":"2"}],"frequency":"Daily","timeZone":"UTC+00:00 - GMT, UCT, UTC, WET, EGST","time":{"hours":0,"minutes":0},"month":0,"dayOfMonth":0,"dayOfWeek":0}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Task ID |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 13
{"taskId":-1}Update network scan task
Enables administrators to edit a network scan task.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
taskId |
Number |
Task ID |
[Must not be empty, Size must be between 1 and 256 inclusive] |
name |
String |
Task name |
[Must not be empty, Size must be between 1 and 256 inclusive] |
agent |
String |
Agent name |
[Must not be empty] |
ranges |
Array |
Array of ranges |
[Must not be empty] |
ranges[].address |
String |
Range address |
|
ranges[].ports |
String |
Range port |
|
certBucketId |
String |
Id of the bucket to which this task will be applied |
[Must not be null] |
frequency |
String |
Task frequency |
[Must not be empty] |
timeZone |
String |
Time zone |
[Must not be empty] |
time |
Object |
Time |
[Must not be null] |
time.hours |
Number |
Hours |
[] |
time.minutes |
Number |
Minutes |
[] |
month |
Number |
Month |
[Must be at most 11] |
dayOfMonth |
Number |
Day of month |
[Must be at most 30] |
dayOfWeek |
Number |
Day of week |
[Must be at most 6] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task' -i -X PUT \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14262' \
-H 'password: Password123' \
-H 'customerUri: cst14262' \
-d '{"taskId":3489,"name":"RYLNWYXDDUOPWWGFNLIURMZNVPSOPFUA","agent":"org4Testuz7ba","certBucketId":"92b98fd3-9379-42d0-bd55-017de3b15e9e","ranges":[{"address":"50.79.55.92/32","ports":"1"}],"frequency":"Monthly","timeZone":"UTC+00:00 - GMT, UCT, UTC, WET, EGST","time":{"hours":0,"minutes":0},"month":0,"dayOfMonth":0,"dayOfWeek":0}'Example response
HTTP/1.1 200 OKGet network scan task
Enables the administrator to get the parameters of a particular task of network scanning which he/she is authorized to view and manage.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Task name |
|
|
Agent name |
|
|
Array of ranges |
|
|
Range address |
|
|
Range port |
|
|
Task status |
|
|
Task frequency |
|
|
Time zone |
|
|
Time |
|
|
Hours |
|
|
Minutes |
|
|
Month |
|
|
Day of month |
|
|
Day of week |
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task/2883' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14246' \
-H 'password: Password123' \
-H 'customerUri: cst14246'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 221
{"name":"Discovery task 0","agent":"","ranges":[],"frequency":"Daily","timeZone":"UTC+00:00 - GMT, UCT, UTC, WET, EGST","time":{"hours":20,"minutes":12},"month":null,"dayOfMonth":null,"dayOfWeek":null,"status":"New Scan"}Get network scan task list
Enables the administrator to get the list of existing tasks of scanning the network(s) which he/she is authorized to view and manage.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of Scan Tasks |
|
|
Scan Task ID |
|
|
Name of Scan Task |
|
|
Scan Task Status |
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task?size=10&position=0&name=Discovery+task+1&status=NEW' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14410' \
-H 'password: Password123' \
-H 'customerUri: cst14410'Example response
HTTP/1.1 200 OK
X-Total-Count: 10
Content-Type: application/json
Content-Length: 621
[{"taskId":8943,"name":"Discovery task 0","status":"New Scan"},{"taskId":8944,"name":"Discovery task 1","status":"New Scan"},{"taskId":8945,"name":"Discovery task 2","status":"New Scan"},{"taskId":8946,"name":"Discovery task 3","status":"New Scan"},{"taskId":8947,"name":"Discovery task 4","status":"New Scan"},{"taskId":8948,"name":"Discovery task 5","status":"New Scan"},{"taskId":8949,"name":"Discovery task 6","status":"New Scan"},{"taskId":8950,"name":"Discovery task 7","status":"New Scan"},{"taskId":8951,"name":"Discovery task 8","status":"New Scan"},{"taskId":8952,"name":"Discovery task 9","status":"New Scan"}]Start network scan task
Enables administrators to start a network(s) scan for a specific task
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task/9347/start' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14422' \
-H 'password: Password123' \
-H 'customerUri: cst14422'Path parameters
| Parameter | Description |
|---|---|
|
Task ID |
Example response
HTTP/1.1 200 OKDelete network scan task
Enables administrators to delete a specific network scanning task.
Example request
$ curl 'https://cert-manager.com/api/discovery/v2/net_task/9145' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14414' \
-H 'password: Password123' \
-H 'customerUri: cst14414'Path parameters
| Parameter | Description |
|---|---|
|
Task ID |
Example response
HTTP/1.1 204 No ContentCreate assignment rule
Assignment Rules are associated with discovery tasks to assign 'Unmanaged' certificates (those not issued by SCM) to a particular Organization or Department
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Assignment rule name |
[Must not be null, Size must be between 1 and 128 inclusive] |
orgId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
certType |
String |
Certificate type. Default value is SSL for backward compatibility. Values: [SSL, SMIME, CodeSign, Device] |
[] |
filters[] |
Array |
Array of rule filters |
[Must not be empty] |
filters[].filterType |
String |
Rule filter type |
[Must not be empty] |
filters[].matchType |
String |
Rule match type |
[Must not be empty] |
filters[].value |
String |
Rule value |
[Must not be empty, Size must be between 0 and 128 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer132' \
-H 'password: Password123' \
-H 'customerUri: cst132' \
-d '{"name":"CKHRGFBWAOBTQAVLYRAXCVJZCKCXHFPO","orgId":64,"filters":[{"filterType":"ORGANIZATION","matchType":"MATCHES","value":"org4Test"}],"certType":"SSL"}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/discovery/v1/assignmentrule/252Update assignment rule
Enables the administrator to edit the existing assignment rule.
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule/12171' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer12540' \
-H 'password: Password123' \
-H 'customerUri: cst12540' \
-d '{"ruleId":0,"name":"PQDDJDGOMBKJOKPYXCQLUKWFXJJOFKXZ","orgId":164,"filters":[{"filterType":"ORGANIZATION","matchType":"STARTS_WITH","value":"org4Test"}],"certType":"SSL"}'Path parameters
| Parameter | Description |
|---|---|
|
Assignment rule ID |
Example response
HTTP/1.1 204 No ContentFind assignment rule by ID
Enables the administrator to find the assignment rule by its ID.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Assignment rule name |
|
|
Assignment rule organization ID |
|
|
Assignment rule certificate type |
|
|
Array of rule filters |
|
|
Rule filter type |
|
|
Rule match type |
|
|
Rule value |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule/4697' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer4874' \
-H 'password: Password123' \
-H 'customerUri: cst4874' \
-d '{"ruleId":3485,"name":"COECKXUPWTWYHCHVWKGACGZJULZLMIMT","orgId":98,"filters":[{"filterType":"ORGANIZATION","matchType":"STARTS_WITH","value":"org4Test"}],"certType":"SSL"}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 116
{"name":"Assignment rule 4878 [organization: org4Test, customer ID: 105]","orgId":112,"filters":[],"certType":"SSL"}Get assignment rules count
Enables administrators to get the number of existing assignment rules for the organization or department delegated to them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Assignment rules count |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule/count' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer4252' \
-H 'password: Password123' \
-H 'customerUri: cst4252'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 13
{"count":202}Get assignment rules ID list
Enables Admins to get the list of existing assignment rules IDs for the organization or department delegated to them.
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of assignment rule IDs |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule/?size=10&position=0' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer12334' \
-H 'password: Password123' \
-H 'customerUri: cst12334'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 61
[11969,11970,11971,11972,11973,11974,11975,11976,11977,11978]Delete assignment rule
Enables the administrator to delete a particular assignment rule that is applicable to the organization or department delegated to them.
Path parameters
| Parameter | Description |
|---|---|
|
Assignment rule ID |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/assignmentrule/4495' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer4668' \
-H 'password: Password123' \
-H 'customerUri: cst4668'Example response
HTTP/1.1 204 No ContentCreate cert bucket
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Cert Bucket name |
[Must be at most 128, Must not be null] |
assignmentRules |
Array |
Assignment rule IDs |
[] |
orgDelegation |
Array |
Delegated organization IDs |
[] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer13549' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"name": "Cert Bucket Example", "assignmentRules": [12981], "orgDelegation":[300]}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/discovery/v1/bucket/54b283dc-4f69-444b-ac29-0346e4e2f627Update cert bucket
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Cert Bucket name |
[Must be at most 128, Must not be null] |
assignmentRules |
Array |
Assignment rule IDs |
[] |
orgDelegation |
Array |
Delegated organization IDs |
[] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/cb9fa5fb-336f-48bb-9fd0-b6b2585d60c9' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'login: admin_customer13569' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"name": "Cert Bucket Example", "assignmentRules": [12984], "orgDelegation":[309]}'Path parameters
| Parameter | Description |
|---|---|
|
Cert Bucket ID |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 118
{"id":"cb9fa5fb-336f-48bb-9fd0-b6b2585d60c9","name":"Cert Bucket Example","assignmentRules":[6],"orgDelegation":[309]}Find cert bucket by ID
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Cert Bucket ID |
|
|
Cert Bucket name |
|
|
Assignment rule IDs |
|
|
Delegated organization IDs |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/13f3029c-95f1-412e-9820-2fc9fb60ccdf' -i -X GET \
-H 'login: admin_customer13562' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 118
{"id":"13f3029c-95f1-412e-9820-2fc9fb60ccdf","name":"Example Cert Bucket","assignmentRules":[5],"orgDelegation":[306]}List cert buckets
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Certificate buckets list |
|
|
ID |
|
|
Name |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket?position=0&size=10' -i -X GET \
-H 'login: admin_customer13566' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 68
[{"id":"9a2ca706-0fda-4efb-84eb-82be147ca400","name":"test bucket"}]Delete cert bucket
Path parameters
| Parameter | Description |
|---|---|
|
Cert Bucket ID |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/fdaec626-e55a-4f1f-8a63-4d90ffbd9429' -i -X DELETE \
-H 'login: admin_customer13555' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OKCertificates in cert bucket
Path parameters
| Parameter | Description |
|---|---|
|
Cert Bucket ID |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/613d0e16-a9a5-4414-8c8b-7b40e2b580f8/certificates?position=0&size=0' -i -X GET \
-H 'login: admin_customer13558' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 478
{"total":1,"data":[{"hash":"11a736dd5d67af1ed5b6a14fbf92ca8fe97df841","details":{"cn":"*.ssl.hwcdn.net","validFrom":"2023-03-07T22:09:07Z","validTo":"2023-03-07T22:09:07Z","issuer":{},"subject":{},"san":[],"keyAlgorithm":"RSA","keySize":2048,"signatureAlgorithm":"SHA256withRSA","sn":"32616335373265322D343361362D336331332D396537632D643330306338303130643332","md5Hash":"0e6d4f8af5d5a163676d0780b3b4b54e","sha1Hash":"11a736dd5d67af1ed5b6a14fbf92ca8fe97df841","ku":[],"eku":[]}}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Total count of founded certificates |
|
|
List of Certificates |
|
|
Certificate hash |
|
|
Certificate details |
|
|
Certificate common name |
|
|
Certificate issue date |
|
|
Certificate expiry date |
|
|
Certificate subject |
|
|
Certificate subject alternative names |
|
|
Certificate key algorithm |
|
|
Certificate key size |
|
|
Certificate signature algorithm |
|
|
Certificate serial number |
|
|
Certificate md5 hash |
|
|
Certificate sha1 hash |
|
|
Certificate key usage |
|
|
Certificate extended key usage |
|
|
Certificate issuer |
Run rules against certificates bucket
Path parameters
| Parameter | Description |
|---|---|
|
Cert Bucket ID |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/07f41695-e1ce-4401-bd14-fd882b706d70/runrules' -i -X POST \
-H 'login: admin_customer13541' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OKAssign certificates in cert bucket
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
hashes |
Array |
List of certificate hashes |
[Must not be empty] |
certType |
String |
Certificate type. Values: [SSL, SMIME, CodeSign, Device] |
[Must not be null] |
organizationId |
Number |
Organization ID |
[Must not be null] |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/bucket/0f0426b8-ae60-4a0b-bb72-d5f61a932adb/assign' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer13545' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"hashes":["hash"],"certType":"SSL","organizationId":12}'Path parameters
| Parameter | Description |
|---|---|
|
Cert Bucket ID |
Example response
HTTP/1.1 200 OKGet operations list
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Cert Bucket ID |
|
|
List of operations |
|
|
Operation ID |
|
|
Operation status |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/net_task/51/operation' -i -X GET \
-H 'Accept: application/json' \
-H 'login: nick-107' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 272
{"total":4,"data":[{"id":"2c9780878596231201859c0992dc0004","status":"completed"},{"id":"2c9780878596231201859d39f42d0005","status":"completed"},{"id":"2c978087859623120185a07545370006","status":"completed"},{"id":"2c978087859623120185a0861ad20007","status":"completed"}]}Stop operation
Path parameters
| Parameter | Description |
|---|---|
|
Discovery task type. Allowed values: [ad_task, net_task] |
|
Discovery task ID |
|
Operation ID |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/net_task/1/operation/2c978087859623120185a07545370106/stop' -i -X POST \
-H 'login: nick-112' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OKGet result of operation
Path parameters
| Parameter | Description |
|---|---|
|
Discovery task type. Allowed values: [ad_task, net_task] |
|
Discovery task ID |
|
Operation ID |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Total count of founded certificates |
|
|
Array of founded certificates |
|
|
Operation details |
|
|
Operation ID |
|
|
Operation create date |
|
|
Certificate status |
|
|
Certificate status: tls version |
|
|
Certificate status: handshake MS |
|
|
Certificate status: ciper suite |
|
|
Certificate status: name lookup |
|
|
Certificate create date |
|
|
Certificate data |
|
|
Certificate hash |
|
|
Certificate managed id |
|
|
Certificate details |
|
|
Certificate common name |
|
|
Certificate issue date |
|
|
Certificate expiry date |
|
|
Certificate subject |
|
|
Certificate subject alternative names |
|
|
Certificate key algorithm |
|
|
Certificate key size |
|
|
Certificate signature algorithm |
|
|
Certificate serial number |
|
|
Certificate md5 hash |
|
|
Certificate sha1 hash |
|
|
Certificate issuer |
|
|
Certificate key usage |
|
|
Certificate key usage |
|
|
Certificate location |
|
|
Certificate location type |
|
|
Certificate location details |
|
|
Certificate location ip |
|
|
Certificate location port |
|
|
Certificate location host name |
Example request
$ curl 'https://cert-manager.com/api/discovery/v1/net_task/50/operation/2c9b8087864fefb701865a26f77b0001/result' -i -X GET \
-H 'Accept: application/json' \
-H 'login: nick-102' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 794
{"total":1,"data":[{"certificate":{"hash":"09a736dd5d67af1ed5b6a14fbf92ca8fe97df839","managedId":"ssl:130","details":{"cn":"*.ssl.hwcdn.net","validFrom":"2022-12-30T02:00:00Z","validTo":"2024-01-20T01:59:59Z","issuer":{},"subject":{},"san":[],"keyAlgorithm":"RSA","keySize":2048,"signatureAlgorithm":"SHA256withRSA","sn":"2AC572E243A63C139E7CD300C8010D32","md5Hash":"0e6d4f8af5d5a163676d0780b3b4b54e","sha1Hash":"09a736dd5d67af1ed5b6a14fbf92ca8fe97df839","ku":[],"eku":[]}},"location":{"type":"NETWORK_HOST","details":{"ip":"151.139.128.14","port":443,"hostName":"sectigo.com"}},"status":{"tlsVersion":1,"cipherSuite":"123","handshakeMs":2,"nameLookupMs":3},"operation":{"id":"2c9b8087864fefb701865a26f77b0001","created":"2023-02-16T12:15:48.604401Z"},"created":"2023-01-26T05:28:06.879212Z"}]}Client Administrator resource
Create client admin
Create client admin’s account.
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
login |
String |
Login |
[Must be null or not blank, Must match the regular expression: |
String |
[Must be a well-formed email address, Must be null or not blank, Must not be blank] |
||
forename |
String |
Forename |
[Must be null or not blank, Must match the regular expression: |
surname |
String |
Surname |
[Must be null or not blank, Must match the regular expression: |
title |
String |
Title or Position |
[] |
telephone |
String |
Telephone Number |
[Must match the regular expression: |
street |
String |
Street Address |
[] |
locality |
String |
Locality |
[] |
state |
String |
State |
[] |
postalCode |
String |
Postal Code |
[Must match the regular expression: |
country |
String |
Country |
[] |
relationship |
String |
Relationship |
[Size must be between 0 and 256 inclusive] |
certificateSerialNumber |
String |
Authentication Certificate Serial Number |
[Must match the regular expression: |
password |
String |
Password |
[Must be null or not blank, Size must be between 0 and 64 inclusive] |
privileges |
Array |
Privileges |
[] |
credentials.[] |
Array |
Credentials |
[Must not be empty] |
credentials.[].role |
String |
Role |
[] |
credentials.[].orgId |
Number |
Organization Identifier |
[] |
identityProviderId |
Number |
Identifier of Identity Provider, if IdP is required |
[Must be at least 1] |
idpPersonId |
String |
Person Identifier for given Identity Provider |
[Size must be between 0 and 256 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13777' \
-H 'password: Password123' \
-H 'customerUri: cst13777' \
-H 'Accept: application/json' \
-d '{"login":"admin","email":"a@test.test","forename":"Admin","surname":"Admin","telephone":"+00000000","password":"1234","credentials":[{"role":"RAO_SSL","orgId":440}]}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/admin/v1/394Update client admin
Update client admin’s account.
Path parameters
| Parameter | Description |
|---|---|
|
ID of client admin being updated |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
login |
String |
Login |
[Must be null or not blank, Must match the regular expression: |
String |
[Must be a well-formed email address, Must be null or not blank, Must not be blank] |
||
forename |
String |
Forename |
[Must be null or not blank, Must match the regular expression: |
surname |
String |
Surname |
[Must be null or not blank, Must match the regular expression: |
title |
String |
Title or Position |
[] |
telephone |
String |
Telephone Number |
[Must match the regular expression: |
street |
String |
Street Address |
[] |
locality |
String |
Locality |
[] |
state |
String |
State |
[] |
postalCode |
String |
Postal Code |
[Must match the regular expression: |
country |
String |
Country |
[] |
relationship |
String |
Relationship |
[Size must be between 0 and 256 inclusive] |
certificateSerialNumber |
String |
Authentication Certificate Serial Number |
[Must match the regular expression: |
password |
String |
Password |
[Must be null or not blank, Size must be between 0 and 64 inclusive] |
privileges |
Array |
Privileges |
[] |
credentials.[] |
Array |
Credentials |
[Must not be empty] |
credentials.[].role |
String |
Role |
[] |
credentials.[].orgId |
Number |
Organization Identifier |
[] |
identityProviderId |
Number |
Identifier of Identity Provider, if IdP is required |
[Must be at least 1] |
idpPersonId |
String |
Person Identifier for given Identity Provider |
[Size must be between 0 and 256 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/478' -i -X PUT \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13937' \
-H 'password: Password123' \
-H 'customerUri: cst13937' \
-H 'Accept: application/json' \
-d '{"login":"drao","email":"drao@aa.com","forename":"client-admin-13945on","surname":"client-admin-13945","telephone":"+1 (888) 266-6361","password":"1234","privileges":["allowEdit","allowDelete","allowCreate"],"credentials":[{"role":"RAO_SSL","orgId":481}]}'Example response
HTTP/1.1 200 OKDelete client admin
Delete client admin’s account.
Path parameters
| Parameter | Description |
|---|---|
|
ID of client admin being deleted |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/465' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13913' \
-H 'password: Password123' \
-H 'customerUri: cst13913'Example response
HTTP/1.1 204 No ContentGet client admins list
Get list of Client Administrators.
Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Login filter |
|
E-mail filter |
|
Status filter |
|
Organization ID filter |
Example request
$ curl 'https://cert-manager.com/api/admin/v1?size=10&position=0' -i -X GET \
-H 'login: admin_customer13769' \
-H 'password: Password123' \
-H 'customerUri: cst13769'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested client admins |
|
|
Client admin ID |
|
|
Client admin login |
|
|
Client admin E-mail |
|
|
Client admin forename |
|
|
Client admin surname |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 440
[{"id":389,"login":"testadmin_customer13769","forename":"client-admin-13775","surname":"client-admin-13775","email":"TestAdmin_Customer13769@aa.com"},{"id":388,"login":"admindrao_customer13769","forename":"client-admin-13773","surname":"client-admin-13773","email":"AdminDrao_Customer13769@aa.com"},{"id":387,"login":"admin_customer13769","forename":"client-admin-13770","surname":"client-admin-13770","email":"Admin_Customer13769@aa.com"}]Get client admin’s details
Get detailed information about Client Administrator.
Path parameters
| Parameter | Description |
|---|---|
|
ID of client admin whose details are being requested |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/444' -i -X GET \
-H 'login: admin_customer13873' \
-H 'password: Password123' \
-H 'customerUri: cst13873' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID |
|
|
Client admin status. Possible values: 'REQUESTED', 'ACTIVE' and 'AWAITING_ME' |
|
|
Forename |
|
|
Surname |
|
|
Login |
|
|
|
|
|
Client admin creation date |
|
|
Client admin last modification date |
|
|
Last password change date |
|
|
Array of client admin’s roles |
|
|
Client admin’s role |
|
|
Organization ID |
|
|
Client admin’s password state. Possible values: 'ALIVE', 'EXPIRED' and 'NEVER_EXPIRE' |
|
|
Expiration date of Client Admin’s password |
|
|
Client admin’s active state. Possible values: 'ACTIVE' and 'SUSPENDED' |
|
|
Number of failed attempts |
|
|
Client admin account type. Possible values: 'STANDARD', 'IDP_USER' and 'IDP_TEMPLATE' |
|
|
Array of client admin’s privileges |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 454
{"id":444,"status":"Active","forename":"client-admin-13877","surname":"client-admin-13877","login":"admindrao_customer13873","email":"AdminDrao_Customer13873@aa.com","created":"2023-03-07","modified":"2023-03-07","lastPasswordChange":"2023-03-07","credentials":[{"role":"DRAO_SSL","orgId":465}],"passwordState":"ALIVE","passwordExpiryDate":"2023-06-06","activeState":"Active","privileges":["allowCreate","allowEdit"],"failedAttempts":0,"type":"Standard"}Get client admin’s roles
Get roles available for client admin
Example request
$ curl 'https://cert-manager.com/api/admin/v1/roles' -i -X GET \
-H 'login: admin_customer13897' \
-H 'password: Password123' \
-H 'customerUri: cst13897' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Roles of Client Admin. Possible values: 'MRAO', 'RAO_SSL', 'RAO_SMIME', 'RAO_DEVICE', 'RAO_CS', 'DRAO_SSL', 'DRAO_SMIME', 'DRAO_DEVICE', and 'DRAO_CS' |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 100
["MRAO","RAO_SSL","RAO_SMIME","RAO_CS","RAO_DEVICE","DRAO_SSL","DRAO_SMIME","DRAO_CS","DRAO_DEVICE"]Get client admin’s privileges
Get privileges available for client admin
Request parameters
| Parameter | Description |
|---|---|
|
Client admin’s role. Multiple roles can be provided. |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/privileges?role=RAO_SSL&role=RAO_SMIME' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13889' \
-H 'password: Password123' \
-H 'customerUri: cst13889' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Privileges for Client Admin. Possible names: 'allowCreate' - Allow creation of peer admin users, 'allowEdit' - Allow editing of peer admin users, 'allowDelete' - Allow deleting of peer admin users, 'allowDCV' - Allow DCV, 'allowSslChanging' - Allow SSL details changing, 'allowSslAutoApprove' - Allow SSL auto approve, 'wsApiUseOnly' - WS API use only, 'allowMsAdDiscovery' - MS AD Discovery, 'allowKeyVault' - Allow download keys from Key Vault, 'approveDomainDelegation' - Approve domain delegation |
|
|
Description for privilege. |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 494
[{"name":"allowCreate","description":"Allow creation of peer admin users"},{"name":"allowDelete","description":"Allow deleting of peer admin users"},{"name":"allowEdit","description":"Allow editing of peer admin users"},{"name":"allowSslAutoApprove","description":"Allow SSL auto approve"},{"name":"allowSslChanging","description":"Allow SSL details changing"},{"name":"approveDomainDelegation","description":"Approve domain delegation"},{"name":"wsApiUseOnly","description":"WS API use only"}]Get password state
State of Client Admin’s password
Response fields
| Path | Type | Description |
|---|---|---|
|
|
State of Client Admin. Possible values: 'ALIVE', 'EXPIRED' and 'NEVER_EXPIRE' |
|
|
Expiration date of Client Admin’s password |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/password' -i -X GET \
-H 'login: admin_customer13881' \
-H 'password: Password123' \
-H 'customerUri: cst13881' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 47
{"expirationDate":"2023-06-06","state":"ALIVE"}Change password
Change of Client Admin’s password. Possible only within a month from expiration.
Success case
Example request
$ curl 'https://cert-manager.com/api/admin/v1/changepassword' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13753' \
-H 'password: Password123' \
-H 'customerUri: cst13753' \
-H 'Accept: application/json' \
-d '{"newPassword":"newPass122345"}'Example response
HTTP/1.1 204 No ContentFailed case
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Code of error if error has occurred |
|
|
Error message |
Example request
$ curl 'https://cert-manager.com/api/admin/v1/changepassword' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13761' \
-H 'password: Password123' \
-H 'customerUri: cst13761' \
-H 'Accept: application/json' \
-d '{"newPassword":"new"}'Example response
HTTP/1.1 400 Bad Request
Content-Type: application/json
Content-Length: 79
{"code":-976,"description":"New password must be between 8 and 32 characters."}Get list of identity providers
Get list of Identity Providers for IdP users .
Example request
$ curl 'https://cert-manager.com/api/admin/v1/idp' -i -X GET \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer13905' \
-H 'password: Password123' \
-H 'customerUri: cst13905' \
-H 'Accept: application/json'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of customer’s IdP |
|
|
IdP ID |
|
|
IdP name |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 29
[{"id":69,"name":"Test Idp"}]Person resource
Find person ID by email
A GET request will return ID for a person with given email.
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person e-mail. Must be formatted as valid e-mail string. Also might need to be properly encoded as required by URL syntax standard. For example, the '@' character should be replaced with the %40 code, '.' - with %2E and so on. |
Example request
$ curl 'https://cert-manager.com/api/person/v1/id/byEmail/224_nobody@nobody.comodo.od.ua' -i -X GET \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-H 'Accept: application/json'Response body
{"personId":159}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Person ID |
Find person by ID
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Example request
$ curl 'https://cert-manager.com/api/person/v1/158' -i -X GET \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-H 'Accept: application/json;charset=UTF-8'Response body
{"id":158,"firstName":"Tester","middleName":"","lastName":"","email":"217_nobody@nobody.comodo.od.ua","organizationId":1495,"validationType":"STANDARD","phone":"123456789","secondaryEmails":["321nobody@nobody.comodo.od.ua","100500admin@nobody.comodo.od.ua"],"commonName":"Tester","eppn":"","upn":""}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Person ID |
|
|
Organization ID |
|
|
Person e-mail |
|
|
Person firstname |
|
|
Person lastname |
|
|
Person middlename |
|
|
Person validation type. Values: [STANDARD, HIGH] |
|
|
Person Phone |
|
|
Person CommonName |
|
|
Person Secondary Emails |
|
|
Person EPPN |
|
|
Person UPN |
Create new person
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
firstName |
String |
Person’s first name |
[Must not be blank, Size must be between 1 and 64 inclusive] |
middleName |
String |
Person’s middle name |
[Size must be between 0 and 64 inclusive] |
lastName |
String |
Person’s last name |
[Must not be blank, Size must be between 0 and 64 inclusive] |
String |
Person’s email |
[Must be a well-formed email address, Must not be empty, Size must be between 0 and 128 inclusive] |
|
validationType |
String |
Person’s validation type. Values: [STANDARD, HIGH] |
[Must not be null] |
organizationId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
phone |
String |
Person phone |
[Must match the regular expression: |
commonName |
String |
Person commonName |
[Size must be between 0 and 64 inclusive] |
secondaryEmails |
Array |
Person Secondary Emails |
[] |
eppn |
String |
Person EPPN |
[Size must be between 0 and 128 inclusive] |
upn |
String |
Person UPN |
[Size must be between 0 and 256 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/person/v1' -i -X POST \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"firstName":"First Name","middleName":"Middle Name","lastName":"Last Name","email":"test@email.com","organizationId":1485,"validationType":"STANDARD","phone":"1235","secondaryEmails":["321nobody@nobody.comodo.od.ua","100500admin@nobody.comodo.od.ua"],"commonName":"Tester123","eppn":"","upn":null}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/person/v1/146Update person
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
firstName |
String |
Person’s first name |
[Must not be blank, Size must be between 1 and 64 inclusive] |
middleName |
String |
Person’s middle name |
[Size must be between 0 and 64 inclusive] |
lastName |
String |
Person’s last name |
[Must not be blank, Size must be between 0 and 64 inclusive] |
String |
Person’s email |
[Must be a well-formed email address, Must not be empty, Size must be between 0 and 128 inclusive] |
|
validationType |
String |
Person’s validation type |
[Must not be null] |
organizationId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
phone |
String |
Person phone |
[Must match the regular expression: |
commonName |
String |
Person commonName |
[Size must be between 0 and 64 inclusive] |
secondaryEmails |
Array |
Person Secondary Emails |
[] |
eppn |
String |
Person EPPN |
[Size must be between 0 and 128 inclusive] |
upn |
String |
Person UPN |
[Size must be between 0 and 256 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/person/v1/166' -i -X PUT \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"firstName":"First Name","middleName":"Middle Name","lastName":"Last Name","email":"test@email.com","organizationId":1503,"validationType":"STANDARD","phone":"1235","secondaryEmails":["321nobody@nobody.comodo.od.ua","100500admin@nobody.comodo.od.ua"],"commonName":"Tester123","eppn":"","upn":null}'Example response
HTTP/1.1 200 OKDelete person
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID being deleted |
Example request
$ curl 'https://cert-manager.com/api/person/v1/157' -i -X DELETE \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test'Example response
HTTP/1.1 200 OKList persons
Path parameters
| Parameter | Description |
|---|---|
|
API version |
Example request
$ curl 'https://cert-manager.com/api/person/v1?position=0&size=10&name=Tester&organizationId=1499&email=245_nobody%40nobody.comodo.od.ua&commonName=Tester&secondaryEmail=321nobody%40nobody.comodo.od.ua&phone=3456789' -i -X GET \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test'Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
Person name (url encoded) |
|
Organization ID |
|
Person email |
|
Person commonName |
|
Person phone |
|
Person Secondary Email |
Response body
[{"id":162,"firstName":"Tester","middleName":"","lastName":"","email":"245_nobody@nobody.comodo.od.ua","organizationId":1499,"validationType":"STANDARD","phone":"123456789","secondaryEmails":["321nobody@nobody.comodo.od.ua","100500admin@nobody.comodo.od.ua"],"commonName":"Tester","eppn":"","upn":""}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of persons |
|
|
Person ID |
|
|
Organization ID |
|
|
Person e-mail |
|
|
Person firstname |
|
|
Person lastname |
|
|
Person middlename |
|
|
Person validation type |
|
|
Person Phone |
|
|
Person CommonName |
|
|
Person Secondary Emails |
|
|
Person EPPN |
|
|
Person UPN |
Send invitation to person by id
'V2'
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Request body
{"accountId":41}Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
accountId |
Number |
Client Certificate Web Form Account ID |
Example request
$ curl 'https://cert-manager.com/api/person/v2/107/invitation/send' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15122' \
-H 'password: Password123' \
-H 'customerUri: test' \
-H 'Accept: application/json' \
-d '{"accountId":41}'Example response
HTTP/1.1 202 Accepted'V1'
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Request body
{"profileId":2105,"term":365,"keyType":"RSA - 2048"}Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
term |
Number |
Term for certificate in days |
|
keyType |
String |
Allowed Key Type |
|
profileId |
Number |
Profile ID |
Example request
$ curl 'https://cert-manager.com/api/person/v1/165/invitation/send' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-H 'Accept: application/json' \
-d '{"profileId":2105,"term":365,"keyType":"RSA - 2048"}'Example response
HTTP/1.1 202 AcceptedImport client certificate with private key for person
V2
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
p12 |
String |
Base64 encoded pkcs12 file |
[] |
password |
String |
Password to access pkcs12 file |
Optional |
customFields |
Array |
An array of custom fields if required |
Optional |
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Example request
$ curl 'https://cert-manager.com/api/person/v2/105/import-key' -i -X POST \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'login: admin_customer15106' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"p12":"MIIc9AIBAzCCHK4GCSqGSIb3DQEHAaCCHJ8EghybMIIclzCCBXwGCSqGSIb3DQEHAaCCBW0EggVpMIIFZTCCBWEGCyqGSIb3DQEMCgECoIIE+jCCBPYwKAYKKoZIhvcNAQwBAzAaBBRkrpqy0Rl09IE89cMzT+8i0+lhOAICBAAEggTIXoY6WMPXG7P4x888tra7Y49A4GYbv5szwUKjjddvux14IPB8yz0MPeAD4TO/5Qmp4ERF3V/TF6YBL5MxQw+IEHDF3r1P3drvdd/Ku4R/us6XSHfphqGHT9BVmP+qtZOLOkhe3r7NNLVETNw6GZNQPKRKMf6VbLJE9VpJO4evI23wSZxqUnfKZpkGYtoh+jIBLxV31erwxa4/ffBeVlFYPw+MNj38lMn7Q3Xr5vys6PmLBtUgRTnbER/jXxbo9vXP6pJobupZpwfQRabzqm3Gj7qk51NNAfj8I7hXG2u8VcCAB+LJuj6CqGf13zhkEcibjI+JlqHKI7FfzHFZFLNURrRciGpd6WxT4R27GTPUqiNwmK5XU+GTwgO/NNXQCQTFKJ3HZ1LJj4i3hbUBBAzABTD7OB7Zns6vdSzHx447Qc9hY2g907ZhluLhyAxKNSkZXrRArJKadDNYV+eD9zdY80/itKQGKqR0haFkZW1NMEs2ZQsWAPgMcvdyxkU47+QvGH7ETBnpWGJFVRH/x4juLo46y8IQ9/umiyxYmJ9q9TEy7wm/Fg4UqG9JXckXNN5Apsk4Y2Me7I+uPXFeHbmifzgngMRvrCb+2NppOaPrvCPFCbknVq3091dLHDd2Ajd0vTtP/467YI0xPyr+Yzx6RcFm7oFNtx5Z8JRKpJT4RFF6ZVMkMsKAozsAHJsbtCB9JBE7gRJzm6HPEVSqwZ+49CtIyJ5JTuzDV/DB0DDg39y+27NpAL/Gj4Em4wcEhdyGpnsAhMO+FNMLRDPQGDbdOhdrz3eKIVy3wqxIiJb6VEOuV+J8cLxF7rvqctj+tGQP5VVxsXSHJHQCFPeo5GHlBk/GqG/ZIbxqJdYag+Bpyf7C/XKd85VriiBO949Jio4HxDe/C62j/RwqbTeUoJ7FU/0JPsGhxkloPbmLNmoXv9aJlewwjYDgqSsHfjQpVGNopcRiX0X1HPZNMlF4XpZ8lEGK+RAbYJnHhp/RQKe80tKg4NY7WYmB9cHYhvax8a0VMuKmYlzpugHJRQlE0q+i3Gzh8nPeEjN4HX+RrwXBNbHDBtuUYdNBh6vSvdD64w1Jw22zF8RsfN5vRCDsBM64bwdWlUW7LYhV6eiqrle8X6JIEUUl2OIQLwUCL6m0LzUwzUh902+iEAZi28QnNSQB0bVoxfnCnN8P978+B5oVDhsbRjPhplSjD7BvSSBPiTpjesRFGIqPkzAMXlfbOszyXRwEErtwDNlqp/qj110hDxskuaV154HDcZLSyqJGvs/GxooBCNIDdxI75eATwnwMNHHxo+gebj9crLycA1AkHRr3/iFHbDZN0Hd2kIm7Z+beD7DmBCLFY8AcfeQBYmCxo4BLHVBIvr9hlqUxi1zU4KEWFhHgo8/S4qOXfR99c7LvfV3rOaE4qEyj7cxJean1smnEp9uc0chUXGbL+MsgrkAXOfafGNkxmAflwEh/WyhtsVjU9saDvWzRN3sJnkwlhuqBfqGfV0402TmHYpaGzyOeHqn7Wir/Nn7F5P0BmgnSmJIIG0bKE44hTJcvppcEju+qmyJUCM9NmahMSmwkZLTWAx9mhZDe2OqC6d4yqIRK9I/gHwMLqhlFuSOzwhDnpb+qwVY3QMw+MVQwIwYJKoZIhvcNAQkVMRYEFI3YZBRdwYCDyiA9uLphQZnGCtx2MC0GCSqGSIb3DQEJFDEgHh4AYQBkAG0AaQBuAEAAYwBjAG0AcQBhAC4AYwBvAG0wghcTBgkqhkiG9w0BBwagghcEMIIXAAIBADCCFvkGCSqGSIb3DQEHATAoBgoqhkiG9w0BDAEGMBoEFA6laLzuLYF2mkOyxGvWfC04PwIOAgIEAICCFsCgCj9qK1Vzx9McX8htHPTeg2LiplMfbMQhCGotrhNAq06NFlKSwIjkLnLijveF3oosyZ4mTYuNBy4Wqg9Q7uZpne5hWTKD87X4NUn1cSB3Xq8ATRTA6pVAF6uZCDQwLBtmUBaRCsIPRNjukLqAxvyQavSqAHmn1+v3Na0BIc8x4RRN6RxiJnMiHEAhwQecx8WT802xGMyXvga06N3fXYGr0w0sVMHckZm0yagJObQ8AMQci9YdiFJsUtfrL+SGkfWgG0SyG3PP77ZFALVciwtMs82Y+yPDC6ZJVsas15UqAzbWGtWyqy459fVpIUu0LNo4Mqg2UeG3toZTcBYF1SfnYalbRsPSN3miL9NQJmluTWv0l/jm3YZETDpeRsbgpm2wuDvkBGxzzS8mwlmwenjKXfPD8uGpbyLX7oxP0m0a+zrQvkApbNI2ZI7Ebgo/JjNOhr9JWXo5hEjOgNh+dRv+gqwKgNy0bxEbncHkQc/xxMpDGfyUpHNEFvZLWdMwrz+l1Xy+3lI8jHsyZ3uMj8e93ADQnWuMSPhGwihFqbTU0HwIGiQt0DgNK87jFxlc+/iZ5QEh6T62jTR7jXY+sVQ1PfTBWQ0UwGYhF1VavFpPzNa/UmTppo8mV8eGNfChcUn0nk1O5jQQOV7rx5uSmKFKgGUP2upTKkikIePrhjqIMXzFgalmMQ/loBimxi/5fEMlZIVb9YAx5cBNVtx6ZdwsJ4J72WiAuLYkIialoVfCeLHr3v5Sk1oZbwT/mFxv85rNFGobD3LpSU87iJPghAQInKJyWHgaoRzyTubHqgnKJRrMFEb45FJ/EtTP50XCknQVHW7u/geDMNhAmCCA4KSBuhmWDSs6DnmXiDHaG/Msd4E1o/0X56fbRI+qFr+iaMSWIoXrps/SmuUQC8QTLs9qJ1mESXCLPyhsY9dZRMhtX+7qBRPElC+IKHsVTdmYS4cpANy+adviTipJMlwWvNJm7cgRrOcRdFD7xOsxRX1cICCoEsaRKifzzts6xfOGJRE/1KFi+krlH3zQuVkooky/PWQXjgRKdRJvIUIX3RQNCwmDHeAA9IhmmlXARjJOtRMj/eHOOS93y0dYrsA5Md5p5NTX5FLQHWXF/rSvCD841345T7gF4c0zYYKj9toQ57qExx/TZvdrIQcNPoD80ZQk4YSd9O54f7KxD5uTOPjAmuzvFrrrb6y6Zxh7jU37x0KHJmiwPSa7fYCwzR9zuWwfFXJ+z0ztWWbKE39ZeVWPkM1Dx6il+Pew99ftslUzoglfeU+OMcdd+pQkX2MiTHzGC7gt8krSQqt79HqmgD8iptVc7mW+m3JsyI3xT4hKTssqEZKYy9+t6UTNxSus1iaj1jKo3wieI8odgKzVhEyKxr54qVPDsmlbI+z4HY5/lnmkwV/OIyuVfr76+3EMQ+PhPJcb9z4zHkYkMDbeu5i1vsWvYyg92RfbYSaLbdNDxHnZAjb+bExDnwksariQk5r0C75hvveu2v7+T9meF2EbOPod1lVPJNN7SU0TiptIIfyBFTheha8gwIRUoaMPwfnLiYc/XdDNCEkcoRwUxYb4Cdgxf1kcEzuBJy7dERlKyPibTT9xzoHrQpMm3KgcPIvFXj3fDABcDw23mC16ZEfs/a17N2cfsH+UXHvNiphM/VJIWCHORj1o6gqs6lfV7S5NDEjwNgS1q8zRZF8RGrtbSjlAdyFJ3LlHDAvOAvBsN+OQRR7AB+mJvP+JxDrihDAx9Kggz7qBcTzsyzp7de5eka7ju/D73NBNnalKbvaBMmp5hkDMVvAZGLsgRGK4gEwtAtf5tBb/bQKFtvbwdHs63vh0V/fpRU4v2JWegl8mgexw+vNhRv9Sv93Zpw6PUSMYRYiTF/csOk3aemdUwCBEVyoElOvL1CJX2pKYchYzbKVk+00zLaAWlOhlsBCeVmVnZhi6HirFcUPWmzJS1AEa66feuy6nuJREcUbMLaLpIvjmd44T7oTqzZPFYNIi/9jCtXREp1Lav4z17CUAtGEmaRSwMjoorBjTLGgPF3/+/04MClWf3h4oKLyhtj98ric9r5KDhZRDnYZHCUxBXbkvAo55svvmKopCuB2coB2B8H44DOfc/3wKNk/ud9MzcyD/J9C8pBLGGdjwm70g8DYyoJCBOEuMff1879kQWJblNcIJJAlKf70UfOHpwc4Nw+MD9e66TR3LWV74SqUqSRvtGrtWRGernQnPRoEe1/DlaxlUxDESIyL9FzrcXROQRXCuufspczS2cUucWCESbJAUwVVShCTgRKv3HhTakkbw4U5dy89kLx9VWX/Qj0NPJYOaelef7EI+PLeYqxhwHNDbicXih4dE8L9ImsyzybV4tpO9cBxTQVYJkAPo2DWGB8UFjvbZBq8hxOeQ/GRx+bSKn7nm21c4t6DDH3Sp+jSNqi3851StlLP/TtspQDk8fq9/+WgcAEGlRCloW+8M/mAfh6ZYTRNJoqN3Ey4WkRMzPc6ZTCBzcqagAizj3CZreLoYPBCKdwv01BqqJM5q+FbfVzk5k8AqWDlotcNW0O4q4vl8mk8AmHDP5J/zy8Co5S2vfqD65vZsGdbOSjES1u6WMyltSnrIxjXdVzo3xriFt33aNc/wW3d12ZGoD0dHO6fJJw1QSWlVJqmZVWGQBjouz3o15V9f3GVJu812P1R4BKQCqz8M288LrD9gOTUrlUR+kXHg0Q7tHDqLTkGHZ2wV4gJZ8PQzoXn4tthqH8fbkHFIXDUyLAg6CrGxaJX9KCRzJ7WeLpTmJf/ljXbwySpI/zkFvK9EJT0tmEfsxUXnzzJLpnmlr3f/gkXn9TYkzB9S3V1yIvsk2IaDh0thZC2RNnbT1A9i4OvNTnAL8JnTkW3t2GB7BLU5bseHUnsdec2fitddaCPcOWmnPO33KoJ7bDRJun1l7zjJP5ZntShAdEJRUHOaAyTaY2Jm4PPm7hrgcVdltNT+4PiMkv9smqNrbovOhmGyYETyS9CxPqaS1iLn3RLkp6HiQTi5xekJXmyZl5ya/DhC3I7kZycV9ca3qEqdvbwF7PMG7Z48kPpTX8PS7gRP83ASjCqTLQROLkHl20+6VgM2+5kPiNA28OFOXrpTWdVnkMH6rHOSxnxMjejeoZEv+5vtvUH4owL5B82FH/fJ9QeDSo6iM+V2v9Xc8nkxl/3HWuRdJWCJ730J49kOheyXpEA9wt9aw5YpPhqJeBPa84kI9JtP5Tlkr3gGAtD/L+jO2Y+jbedQxCffc5R4OVBCndPMFLS+3awrCOP1WNiDQO7+CohGUssFxiRBIBJ948Fx1D7M8ZE8qKliDz+q7EcT5md7nR1d4exUn4aILmwbcwXGKvSiWTJmBGfH7iwSdMbr/ZtCiSfCYMref8ZHG5uO/tGQ/cpCZn67KfsWW6mC35UGnpxnohyyd95rOUSzHkAqi4PJx5tu1LGNXosy4VOSQeQ6ChExKkx2u1j55whlZqaFAsuWA4CxQo1mcny9Qjt8IAFjE2YVbvtvLhMn/lcH3DQUukA6LJPB59udh0lgZDSuQSwRb35+9Q8jWdiCUUbWYJUR5TIwvSngtVt4g2P0eHncD0luHz21F9txsmrql6IOnr5YxU4KptQnU0SssvuYb5jfUO3oOBvvkqCM1vntzgDSKvS53hn0RdH+wY68gltoHsJDFjDVXmobhcHr5ubX3PK11r2uGbDOWApc/h+Bmkwf5rsVn8fCHbnWe+1wQTPSfyujpcC7PffJ/Knmv+vYLAWofMC4TbIY451HIJ4xUHlZfHnaGnnJGf6Hlnpn2P6cFI4AXFNGAzxfAjoNzQowuUQzKxtsEB4mng7hCEzKi5SdEcgTudd6qcMd9Kj1UJFED3gqu7Fo1tjM2EMWlinYOxQxlRSE1lpcd8Y8ZPljOUplZ3P0cSikSLyuGDVkXN94OagUMTNieF+oINFCZsU1aAqf/SxOMh7+tDUNvGj2VTIKa+kBlDTzl51aIGXGwCjj4d7HBJy4cbKH7nW4E2Q6xSKZLYf/UoF6jWao6lO5cpvWFENzGiI6o2fYEYfp2KVyRW+4liMKYT1g5na1NP4Z8VsfEKS6UNzOiiqoMcsiHz2L7qTtvDEL49wYVwuBNm8GHXQ32oZGexIDZz+uhO+nYfVJRRkNh2sKurLgA+NF7jAvP87nejqzwW+aI+SuSppnKe+QBvEfq2IeVaqdpau8qzdlmC3ke3vGC679m+9krN1YNmRdJAxEgs4WF2g1qjKG5hQKVA5uve5dQfFDbHv7y7jkd4zob32A2A1p37qjWESZoRYRtZVjuWduJXB8dG+2tqp8MonINGGbXNLfvahOs+RyiW12c0/17T8x72BSoXOK4DQuABOci0kS7OwjSpKD3joh/nn+Mg6Lmm6Luj+D8i8SB/+kv5+U9oWgbfKNKkz6ilY28px+D8H9P6wLwWFcsiSyO6Sb1vFMY0Wegdt5uXCupf4CVX7d9NEtSYpFKWP8Ufdc6zRvc5LofRJ8noxSpVou0I2+KTFUCfdhIA7LV62JmhC2k61QhN8YllYJcItQc5bgxrSYs/i7dVhwqPDUzbUAcO4q4xuQNtc4asozmjxb2YdidBtE4V2CMf7p//yTA9PGBqDbuv6Yx7RwavTdJW3bLBb+seQKrnYp8zV4u07DaOSOaEVUJfn9fTFt5QiCwOuo5Z2tr7hbn5rwvAA9pm6Br4lys5B5nMFetMp7jKByfZPjF8i1586IjWqgT3B+b7Jrp7qUs/FFmLA5jziVyeVzzGCiw/oXEI1g59Vn8hNPKY3CDXi5vsWVR6zQieA8wM1vXhXM4JdYdsU1fAwDqLf8s+XZND4zveACTdl836QIidvwpUQAkl2AoitI0lE5CNsDClqtY9KIf9TmTkwaWCPXtbQ3A+N/X6abreQn6Tv8w4cu7cu5+v2ebkAIomd9X/BtntSRUreLpZr1+yDOtu6+FNMX2d8c8lSjdO5CekVNXBXaJeyF47oKBmO5oOP3jfvHH7QqW+qXxFcor5x1SJI73eLv+9//z109sWnZ/Fc6aKi1eBe+/SSCisJs8Dh4/W2oLPxhfcMC6hhwvV6yB7dvKZ2eNYeuqR58JS9QwMD4DT3+Qq6Lu7CUcdUkgIQ2/SvnAOaPpRbC1VVoc+fZ/UuBA2DPafWPm0OZzoUA9wrSN5CBCcJLKvY0J2yW9FPuE2wy6CgXtN869K6sEQiHtXqd7hhqVEvmvykjmFFHX2THCEiDd0Jr/Upc7b/tM4tcrEe67AWa7qLCidhQx+lqviyuNgVLDKk73MlwcpFRyrFbZk34qf8H2y5A5DMXfUWr7/5mP4NMbb0b3CTsBWJfB5mu23EBJGifpv5iYGUaDh+n29lvv6X5cyDSJIEpNpDSdQliPaf0einf7EtlkIwVh1JPvxYmL2Xt2w0LXm5SP62zPYfGMYEY5lYW4c5qFSIzKeFjEU+dDA+9tIgtw5XAlkJFIQ2DBl1hIfJczbWJlj5lWX/jDsXk9gdJ13/kU3fRzmdtRhFWPuKWNHI6RJtmKq+6eUldgb7dPbLF8+nVALbSk47+DwqJs6AqKJr/jndJKHtfAdoob/1796/aQUdVHx7Qfzku//gsUEWEvOlUPGloOlBRwf6scvXtcsaGftIc52v6DmHh6A5ehmgdSFpZWoSmQ3BhfbEa2j3grUT9iuv54v4xMi8F1JDDu3tpQG8FwXg6fY2VvKjqHHf6hoS7Xtf5pFrggUbGbDc5gzx5QnPHPHnHuTdnAwcSVwPEh7/9oNe6zYCmhrrbOFEU3QKs7r3wsRe19yjLyyIAfLfrgFUjQ4eS9jNE/NCyDLecqZxg5As72j3uo9HjKnYM0iHC5S57+5IzGVUH7noqFJoyaVE/ATerqP0MqJ1ePaaKpbaE1dx822JWj2rQ0v0UtrsPwEiPMcfDQnxnuv2Norw0UFIm3tOHNQeD2XAcd/epyj43K1EWMc31IS7nPf6EitA0X+ziqFUyLzgqieRTXj9zmDdTzcSnYVdFOQJcMnJSlb9Q7FHfySyJlzGxGUe3ATalnq9psZ1V5ifnzmoAeLvRbdKWguOhPJDK6EemkJSYWvALkrOF+GJkabAhL2PzmOj6VUidgDLhjnwD5ZpmsC7gr8T+Nx1Vmu1ercVRuA66IClIfMijnoq4hjZLOMnvvVLop2yvVh3TMF6qOYQOg1v5Eoz9I0HFu20fn2UZHY2VThdnfCqRkvjYEROIPBRHJVhtPu5ypjS5RWxbVcn90YcBuqVKHDeFgfFPGq7x5fDdAaUNRZW5UZxLR4l9tk8wAAD/oVfoiuPpOXyD2kxqqbnn+UI22Dy0qHjd1JE+w0+WvNb263nTZAjAaM0qB538DHSd2lbsAKHF30C8lBWlsbAfxc8e9t0cqMiZ6R/fVJSwZJVQ507Z/lRVqpgTEFtSLysgBJw1NvUrhQPA1ISu89oEKiwHZDmkWpul7BgY+wYtRuZQBxb7Ji2Ny0y0j+SSBPCDmNZPV+i1Rt0l8YUbu7BH/mGjSMByIaNok4tEEh0pz79G+yZkUeMMUjPWTuiccEg85Jgwh25t62JQu/SnLpPEBjif0dDr3M3sA4jjWX6YxUiGN+Wlry89aoBhIfJFFiNBMtlN42EyonjJfYydof6t/rGeJAlehmfjzMcBRmZEkSUQ6sIqxf04NR3m7ylKv8Wb66DTJaVP5WYHBjuxqQip8hP+gxLb7atHuzV1DFJaU5O/UQ0QDK4FFeNaj1MZRMlAaTh0HBb/DTcZtdH7rDfcX/gft2pbCLwoCetuOiVZGCs0yiyafmUfDsO1QUcJ7PXFO8RGWmN/VXoTb9LJpJLIVGyL361E7IO+iDpeQ2z1L80g4USPzdUPxDDIm0m/eyKlBVZquF76UVvEc0EHiIZjbQa6SXQgzBj6yWm8eUuX4mmHGQEFUF/3X1nc7nXu8t9SwsfAsWk0JEpsQOSaVDmuFJ2G55GO/rgxp3G5szmX1wCQio8fSF04mhHrbuPAznRpHAtBNW6kFJDLbZ+5J3svwHfkS3PlR9Zfw2ko2ZT5LTNwxA/KS+aXEx7JcEwDaHR+0CBrHTI28SfoCyJnUFPnzN2shBTNkGE5gkx168ZAZDB4+mNI7PFR+/pzoa9dVe2zEcYh5N1AA3xF3Rh/beXrRGPRyDwQzGGs3jBMtxA6hXFsTeegzJwhJ6m0oJri5NII6a7/otWEQpx5EKVCN9YxFPwK7FbWuaNAYBPD20lMOYPVUNfwfdbERz2cIYatVW6joaoxiF9xvns13ZJMBk1b3byDKhZZ+8z7qUXCRtx+GZ+b/1462PoUt1BZX7oz6+8miC9CDF+iqixXQ2XcSRbqT7Oy5IkUXAPk1VEmXWh/7sinG2ohj79iwRFfqYWKXHThJO/T4qIBfUUgdsHuakuFNYM5EyZe6P9t1vQ+UrmGCkOiIdpklTEycG3ndHT9H+0wRoR547O3ilteVteuSVDdMR/XvyPZamIPZV6MbC4vgpodFO/1vdenTsIPQV/wqwwMkzoSe7wQZg1A81bFD4CeMgJmO8ZFfIBUczMLEw0s3kvg4o7vJ5yXMzVKjEob9V+D6w24kALruHy+EkilsOInqvYc2VJMy8XxMTUkCrCpkTamtVGcRBcHUn4KCPgoF3KFVJqOfNCFfnlq3JB+bwZ/cp1aF9JKvSotr6HEXGVkBILG7KDt3U3FEBu/+bYDi+kPP1/AgO8x28ZSVlESwaLORcv6Edt3t4lpQHvM9/+CV98I72ajisREmAb9MD0wITAJBgUrDgMCGgUABBRqgZ/wtxdW8d3M7waGVOjCkGjlQgQUGVtjR8gSWzJRRrxlbLNw5CafsKMCAgQA","password":"11","customFields":[]}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Key Store entry list |
|
|
Alias |
|
|
Client Certificate ID |
|
|
MD5 hash |
|
|
SHA1 hash |
|
|
Import operation status message. 'Imported successfully' - all is OK, 'Already exists' - key absent in Key Vault, otherwise - error message |
V1
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
p12 |
String |
Base64 encoded pkcs12 file |
[] |
password |
String |
Password to access pkcs12 file |
Optional |
customFields |
Array |
An array of custom fields if required |
Optional |
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Example request
$ curl 'https://cert-manager.com/api/person/v1/182/import-key' -i -X POST \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'login: admin_customer15915' \
-H 'password: Password123' \
-H 'customerUri: test' \
-d '{"p12":"MIIc9AIBAzCCHK4GCSqGSIb3DQEHAaCCHJ8EghybMIIclzCCBXwGCSqGSIb3DQEHAaCCBW0EggVpMIIFZTCCBWEGCyqGSIb3DQEMCgECoIIE+jCCBPYwKAYKKoZIhvcNAQwBAzAaBBRkrpqy0Rl09IE89cMzT+8i0+lhOAICBAAEggTIXoY6WMPXG7P4x888tra7Y49A4GYbv5szwUKjjddvux14IPB8yz0MPeAD4TO/5Qmp4ERF3V/TF6YBL5MxQw+IEHDF3r1P3drvdd/Ku4R/us6XSHfphqGHT9BVmP+qtZOLOkhe3r7NNLVETNw6GZNQPKRKMf6VbLJE9VpJO4evI23wSZxqUnfKZpkGYtoh+jIBLxV31erwxa4/ffBeVlFYPw+MNj38lMn7Q3Xr5vys6PmLBtUgRTnbER/jXxbo9vXP6pJobupZpwfQRabzqm3Gj7qk51NNAfj8I7hXG2u8VcCAB+LJuj6CqGf13zhkEcibjI+JlqHKI7FfzHFZFLNURrRciGpd6WxT4R27GTPUqiNwmK5XU+GTwgO/NNXQCQTFKJ3HZ1LJj4i3hbUBBAzABTD7OB7Zns6vdSzHx447Qc9hY2g907ZhluLhyAxKNSkZXrRArJKadDNYV+eD9zdY80/itKQGKqR0haFkZW1NMEs2ZQsWAPgMcvdyxkU47+QvGH7ETBnpWGJFVRH/x4juLo46y8IQ9/umiyxYmJ9q9TEy7wm/Fg4UqG9JXckXNN5Apsk4Y2Me7I+uPXFeHbmifzgngMRvrCb+2NppOaPrvCPFCbknVq3091dLHDd2Ajd0vTtP/467YI0xPyr+Yzx6RcFm7oFNtx5Z8JRKpJT4RFF6ZVMkMsKAozsAHJsbtCB9JBE7gRJzm6HPEVSqwZ+49CtIyJ5JTuzDV/DB0DDg39y+27NpAL/Gj4Em4wcEhdyGpnsAhMO+FNMLRDPQGDbdOhdrz3eKIVy3wqxIiJb6VEOuV+J8cLxF7rvqctj+tGQP5VVxsXSHJHQCFPeo5GHlBk/GqG/ZIbxqJdYag+Bpyf7C/XKd85VriiBO949Jio4HxDe/C62j/RwqbTeUoJ7FU/0JPsGhxkloPbmLNmoXv9aJlewwjYDgqSsHfjQpVGNopcRiX0X1HPZNMlF4XpZ8lEGK+RAbYJnHhp/RQKe80tKg4NY7WYmB9cHYhvax8a0VMuKmYlzpugHJRQlE0q+i3Gzh8nPeEjN4HX+RrwXBNbHDBtuUYdNBh6vSvdD64w1Jw22zF8RsfN5vRCDsBM64bwdWlUW7LYhV6eiqrle8X6JIEUUl2OIQLwUCL6m0LzUwzUh902+iEAZi28QnNSQB0bVoxfnCnN8P978+B5oVDhsbRjPhplSjD7BvSSBPiTpjesRFGIqPkzAMXlfbOszyXRwEErtwDNlqp/qj110hDxskuaV154HDcZLSyqJGvs/GxooBCNIDdxI75eATwnwMNHHxo+gebj9crLycA1AkHRr3/iFHbDZN0Hd2kIm7Z+beD7DmBCLFY8AcfeQBYmCxo4BLHVBIvr9hlqUxi1zU4KEWFhHgo8/S4qOXfR99c7LvfV3rOaE4qEyj7cxJean1smnEp9uc0chUXGbL+MsgrkAXOfafGNkxmAflwEh/WyhtsVjU9saDvWzRN3sJnkwlhuqBfqGfV0402TmHYpaGzyOeHqn7Wir/Nn7F5P0BmgnSmJIIG0bKE44hTJcvppcEju+qmyJUCM9NmahMSmwkZLTWAx9mhZDe2OqC6d4yqIRK9I/gHwMLqhlFuSOzwhDnpb+qwVY3QMw+MVQwIwYJKoZIhvcNAQkVMRYEFI3YZBRdwYCDyiA9uLphQZnGCtx2MC0GCSqGSIb3DQEJFDEgHh4AYQBkAG0AaQBuAEAAYwBjAG0AcQBhAC4AYwBvAG0wghcTBgkqhkiG9w0BBwagghcEMIIXAAIBADCCFvkGCSqGSIb3DQEHATAoBgoqhkiG9w0BDAEGMBoEFA6laLzuLYF2mkOyxGvWfC04PwIOAgIEAICCFsCgCj9qK1Vzx9McX8htHPTeg2LiplMfbMQhCGotrhNAq06NFlKSwIjkLnLijveF3oosyZ4mTYuNBy4Wqg9Q7uZpne5hWTKD87X4NUn1cSB3Xq8ATRTA6pVAF6uZCDQwLBtmUBaRCsIPRNjukLqAxvyQavSqAHmn1+v3Na0BIc8x4RRN6RxiJnMiHEAhwQecx8WT802xGMyXvga06N3fXYGr0w0sVMHckZm0yagJObQ8AMQci9YdiFJsUtfrL+SGkfWgG0SyG3PP77ZFALVciwtMs82Y+yPDC6ZJVsas15UqAzbWGtWyqy459fVpIUu0LNo4Mqg2UeG3toZTcBYF1SfnYalbRsPSN3miL9NQJmluTWv0l/jm3YZETDpeRsbgpm2wuDvkBGxzzS8mwlmwenjKXfPD8uGpbyLX7oxP0m0a+zrQvkApbNI2ZI7Ebgo/JjNOhr9JWXo5hEjOgNh+dRv+gqwKgNy0bxEbncHkQc/xxMpDGfyUpHNEFvZLWdMwrz+l1Xy+3lI8jHsyZ3uMj8e93ADQnWuMSPhGwihFqbTU0HwIGiQt0DgNK87jFxlc+/iZ5QEh6T62jTR7jXY+sVQ1PfTBWQ0UwGYhF1VavFpPzNa/UmTppo8mV8eGNfChcUn0nk1O5jQQOV7rx5uSmKFKgGUP2upTKkikIePrhjqIMXzFgalmMQ/loBimxi/5fEMlZIVb9YAx5cBNVtx6ZdwsJ4J72WiAuLYkIialoVfCeLHr3v5Sk1oZbwT/mFxv85rNFGobD3LpSU87iJPghAQInKJyWHgaoRzyTubHqgnKJRrMFEb45FJ/EtTP50XCknQVHW7u/geDMNhAmCCA4KSBuhmWDSs6DnmXiDHaG/Msd4E1o/0X56fbRI+qFr+iaMSWIoXrps/SmuUQC8QTLs9qJ1mESXCLPyhsY9dZRMhtX+7qBRPElC+IKHsVTdmYS4cpANy+adviTipJMlwWvNJm7cgRrOcRdFD7xOsxRX1cICCoEsaRKifzzts6xfOGJRE/1KFi+krlH3zQuVkooky/PWQXjgRKdRJvIUIX3RQNCwmDHeAA9IhmmlXARjJOtRMj/eHOOS93y0dYrsA5Md5p5NTX5FLQHWXF/rSvCD841345T7gF4c0zYYKj9toQ57qExx/TZvdrIQcNPoD80ZQk4YSd9O54f7KxD5uTOPjAmuzvFrrrb6y6Zxh7jU37x0KHJmiwPSa7fYCwzR9zuWwfFXJ+z0ztWWbKE39ZeVWPkM1Dx6il+Pew99ftslUzoglfeU+OMcdd+pQkX2MiTHzGC7gt8krSQqt79HqmgD8iptVc7mW+m3JsyI3xT4hKTssqEZKYy9+t6UTNxSus1iaj1jKo3wieI8odgKzVhEyKxr54qVPDsmlbI+z4HY5/lnmkwV/OIyuVfr76+3EMQ+PhPJcb9z4zHkYkMDbeu5i1vsWvYyg92RfbYSaLbdNDxHnZAjb+bExDnwksariQk5r0C75hvveu2v7+T9meF2EbOPod1lVPJNN7SU0TiptIIfyBFTheha8gwIRUoaMPwfnLiYc/XdDNCEkcoRwUxYb4Cdgxf1kcEzuBJy7dERlKyPibTT9xzoHrQpMm3KgcPIvFXj3fDABcDw23mC16ZEfs/a17N2cfsH+UXHvNiphM/VJIWCHORj1o6gqs6lfV7S5NDEjwNgS1q8zRZF8RGrtbSjlAdyFJ3LlHDAvOAvBsN+OQRR7AB+mJvP+JxDrihDAx9Kggz7qBcTzsyzp7de5eka7ju/D73NBNnalKbvaBMmp5hkDMVvAZGLsgRGK4gEwtAtf5tBb/bQKFtvbwdHs63vh0V/fpRU4v2JWegl8mgexw+vNhRv9Sv93Zpw6PUSMYRYiTF/csOk3aemdUwCBEVyoElOvL1CJX2pKYchYzbKVk+00zLaAWlOhlsBCeVmVnZhi6HirFcUPWmzJS1AEa66feuy6nuJREcUbMLaLpIvjmd44T7oTqzZPFYNIi/9jCtXREp1Lav4z17CUAtGEmaRSwMjoorBjTLGgPF3/+/04MClWf3h4oKLyhtj98ric9r5KDhZRDnYZHCUxBXbkvAo55svvmKopCuB2coB2B8H44DOfc/3wKNk/ud9MzcyD/J9C8pBLGGdjwm70g8DYyoJCBOEuMff1879kQWJblNcIJJAlKf70UfOHpwc4Nw+MD9e66TR3LWV74SqUqSRvtGrtWRGernQnPRoEe1/DlaxlUxDESIyL9FzrcXROQRXCuufspczS2cUucWCESbJAUwVVShCTgRKv3HhTakkbw4U5dy89kLx9VWX/Qj0NPJYOaelef7EI+PLeYqxhwHNDbicXih4dE8L9ImsyzybV4tpO9cBxTQVYJkAPo2DWGB8UFjvbZBq8hxOeQ/GRx+bSKn7nm21c4t6DDH3Sp+jSNqi3851StlLP/TtspQDk8fq9/+WgcAEGlRCloW+8M/mAfh6ZYTRNJoqN3Ey4WkRMzPc6ZTCBzcqagAizj3CZreLoYPBCKdwv01BqqJM5q+FbfVzk5k8AqWDlotcNW0O4q4vl8mk8AmHDP5J/zy8Co5S2vfqD65vZsGdbOSjES1u6WMyltSnrIxjXdVzo3xriFt33aNc/wW3d12ZGoD0dHO6fJJw1QSWlVJqmZVWGQBjouz3o15V9f3GVJu812P1R4BKQCqz8M288LrD9gOTUrlUR+kXHg0Q7tHDqLTkGHZ2wV4gJZ8PQzoXn4tthqH8fbkHFIXDUyLAg6CrGxaJX9KCRzJ7WeLpTmJf/ljXbwySpI/zkFvK9EJT0tmEfsxUXnzzJLpnmlr3f/gkXn9TYkzB9S3V1yIvsk2IaDh0thZC2RNnbT1A9i4OvNTnAL8JnTkW3t2GB7BLU5bseHUnsdec2fitddaCPcOWmnPO33KoJ7bDRJun1l7zjJP5ZntShAdEJRUHOaAyTaY2Jm4PPm7hrgcVdltNT+4PiMkv9smqNrbovOhmGyYETyS9CxPqaS1iLn3RLkp6HiQTi5xekJXmyZl5ya/DhC3I7kZycV9ca3qEqdvbwF7PMG7Z48kPpTX8PS7gRP83ASjCqTLQROLkHl20+6VgM2+5kPiNA28OFOXrpTWdVnkMH6rHOSxnxMjejeoZEv+5vtvUH4owL5B82FH/fJ9QeDSo6iM+V2v9Xc8nkxl/3HWuRdJWCJ730J49kOheyXpEA9wt9aw5YpPhqJeBPa84kI9JtP5Tlkr3gGAtD/L+jO2Y+jbedQxCffc5R4OVBCndPMFLS+3awrCOP1WNiDQO7+CohGUssFxiRBIBJ948Fx1D7M8ZE8qKliDz+q7EcT5md7nR1d4exUn4aILmwbcwXGKvSiWTJmBGfH7iwSdMbr/ZtCiSfCYMref8ZHG5uO/tGQ/cpCZn67KfsWW6mC35UGnpxnohyyd95rOUSzHkAqi4PJx5tu1LGNXosy4VOSQeQ6ChExKkx2u1j55whlZqaFAsuWA4CxQo1mcny9Qjt8IAFjE2YVbvtvLhMn/lcH3DQUukA6LJPB59udh0lgZDSuQSwRb35+9Q8jWdiCUUbWYJUR5TIwvSngtVt4g2P0eHncD0luHz21F9txsmrql6IOnr5YxU4KptQnU0SssvuYb5jfUO3oOBvvkqCM1vntzgDSKvS53hn0RdH+wY68gltoHsJDFjDVXmobhcHr5ubX3PK11r2uGbDOWApc/h+Bmkwf5rsVn8fCHbnWe+1wQTPSfyujpcC7PffJ/Knmv+vYLAWofMC4TbIY451HIJ4xUHlZfHnaGnnJGf6Hlnpn2P6cFI4AXFNGAzxfAjoNzQowuUQzKxtsEB4mng7hCEzKi5SdEcgTudd6qcMd9Kj1UJFED3gqu7Fo1tjM2EMWlinYOxQxlRSE1lpcd8Y8ZPljOUplZ3P0cSikSLyuGDVkXN94OagUMTNieF+oINFCZsU1aAqf/SxOMh7+tDUNvGj2VTIKa+kBlDTzl51aIGXGwCjj4d7HBJy4cbKH7nW4E2Q6xSKZLYf/UoF6jWao6lO5cpvWFENzGiI6o2fYEYfp2KVyRW+4liMKYT1g5na1NP4Z8VsfEKS6UNzOiiqoMcsiHz2L7qTtvDEL49wYVwuBNm8GHXQ32oZGexIDZz+uhO+nYfVJRRkNh2sKurLgA+NF7jAvP87nejqzwW+aI+SuSppnKe+QBvEfq2IeVaqdpau8qzdlmC3ke3vGC679m+9krN1YNmRdJAxEgs4WF2g1qjKG5hQKVA5uve5dQfFDbHv7y7jkd4zob32A2A1p37qjWESZoRYRtZVjuWduJXB8dG+2tqp8MonINGGbXNLfvahOs+RyiW12c0/17T8x72BSoXOK4DQuABOci0kS7OwjSpKD3joh/nn+Mg6Lmm6Luj+D8i8SB/+kv5+U9oWgbfKNKkz6ilY28px+D8H9P6wLwWFcsiSyO6Sb1vFMY0Wegdt5uXCupf4CVX7d9NEtSYpFKWP8Ufdc6zRvc5LofRJ8noxSpVou0I2+KTFUCfdhIA7LV62JmhC2k61QhN8YllYJcItQc5bgxrSYs/i7dVhwqPDUzbUAcO4q4xuQNtc4asozmjxb2YdidBtE4V2CMf7p//yTA9PGBqDbuv6Yx7RwavTdJW3bLBb+seQKrnYp8zV4u07DaOSOaEVUJfn9fTFt5QiCwOuo5Z2tr7hbn5rwvAA9pm6Br4lys5B5nMFetMp7jKByfZPjF8i1586IjWqgT3B+b7Jrp7qUs/FFmLA5jziVyeVzzGCiw/oXEI1g59Vn8hNPKY3CDXi5vsWVR6zQieA8wM1vXhXM4JdYdsU1fAwDqLf8s+XZND4zveACTdl836QIidvwpUQAkl2AoitI0lE5CNsDClqtY9KIf9TmTkwaWCPXtbQ3A+N/X6abreQn6Tv8w4cu7cu5+v2ebkAIomd9X/BtntSRUreLpZr1+yDOtu6+FNMX2d8c8lSjdO5CekVNXBXaJeyF47oKBmO5oOP3jfvHH7QqW+qXxFcor5x1SJI73eLv+9//z109sWnZ/Fc6aKi1eBe+/SSCisJs8Dh4/W2oLPxhfcMC6hhwvV6yB7dvKZ2eNYeuqR58JS9QwMD4DT3+Qq6Lu7CUcdUkgIQ2/SvnAOaPpRbC1VVoc+fZ/UuBA2DPafWPm0OZzoUA9wrSN5CBCcJLKvY0J2yW9FPuE2wy6CgXtN869K6sEQiHtXqd7hhqVEvmvykjmFFHX2THCEiDd0Jr/Upc7b/tM4tcrEe67AWa7qLCidhQx+lqviyuNgVLDKk73MlwcpFRyrFbZk34qf8H2y5A5DMXfUWr7/5mP4NMbb0b3CTsBWJfB5mu23EBJGifpv5iYGUaDh+n29lvv6X5cyDSJIEpNpDSdQliPaf0einf7EtlkIwVh1JPvxYmL2Xt2w0LXm5SP62zPYfGMYEY5lYW4c5qFSIzKeFjEU+dDA+9tIgtw5XAlkJFIQ2DBl1hIfJczbWJlj5lWX/jDsXk9gdJ13/kU3fRzmdtRhFWPuKWNHI6RJtmKq+6eUldgb7dPbLF8+nVALbSk47+DwqJs6AqKJr/jndJKHtfAdoob/1796/aQUdVHx7Qfzku//gsUEWEvOlUPGloOlBRwf6scvXtcsaGftIc52v6DmHh6A5ehmgdSFpZWoSmQ3BhfbEa2j3grUT9iuv54v4xMi8F1JDDu3tpQG8FwXg6fY2VvKjqHHf6hoS7Xtf5pFrggUbGbDc5gzx5QnPHPHnHuTdnAwcSVwPEh7/9oNe6zYCmhrrbOFEU3QKs7r3wsRe19yjLyyIAfLfrgFUjQ4eS9jNE/NCyDLecqZxg5As72j3uo9HjKnYM0iHC5S57+5IzGVUH7noqFJoyaVE/ATerqP0MqJ1ePaaKpbaE1dx822JWj2rQ0v0UtrsPwEiPMcfDQnxnuv2Norw0UFIm3tOHNQeD2XAcd/epyj43K1EWMc31IS7nPf6EitA0X+ziqFUyLzgqieRTXj9zmDdTzcSnYVdFOQJcMnJSlb9Q7FHfySyJlzGxGUe3ATalnq9psZ1V5ifnzmoAeLvRbdKWguOhPJDK6EemkJSYWvALkrOF+GJkabAhL2PzmOj6VUidgDLhjnwD5ZpmsC7gr8T+Nx1Vmu1ercVRuA66IClIfMijnoq4hjZLOMnvvVLop2yvVh3TMF6qOYQOg1v5Eoz9I0HFu20fn2UZHY2VThdnfCqRkvjYEROIPBRHJVhtPu5ypjS5RWxbVcn90YcBuqVKHDeFgfFPGq7x5fDdAaUNRZW5UZxLR4l9tk8wAAD/oVfoiuPpOXyD2kxqqbnn+UI22Dy0qHjd1JE+w0+WvNb263nTZAjAaM0qB538DHSd2lbsAKHF30C8lBWlsbAfxc8e9t0cqMiZ6R/fVJSwZJVQ507Z/lRVqpgTEFtSLysgBJw1NvUrhQPA1ISu89oEKiwHZDmkWpul7BgY+wYtRuZQBxb7Ji2Ny0y0j+SSBPCDmNZPV+i1Rt0l8YUbu7BH/mGjSMByIaNok4tEEh0pz79G+yZkUeMMUjPWTuiccEg85Jgwh25t62JQu/SnLpPEBjif0dDr3M3sA4jjWX6YxUiGN+Wlry89aoBhIfJFFiNBMtlN42EyonjJfYydof6t/rGeJAlehmfjzMcBRmZEkSUQ6sIqxf04NR3m7ylKv8Wb66DTJaVP5WYHBjuxqQip8hP+gxLb7atHuzV1DFJaU5O/UQ0QDK4FFeNaj1MZRMlAaTh0HBb/DTcZtdH7rDfcX/gft2pbCLwoCetuOiVZGCs0yiyafmUfDsO1QUcJ7PXFO8RGWmN/VXoTb9LJpJLIVGyL361E7IO+iDpeQ2z1L80g4USPzdUPxDDIm0m/eyKlBVZquF76UVvEc0EHiIZjbQa6SXQgzBj6yWm8eUuX4mmHGQEFUF/3X1nc7nXu8t9SwsfAsWk0JEpsQOSaVDmuFJ2G55GO/rgxp3G5szmX1wCQio8fSF04mhHrbuPAznRpHAtBNW6kFJDLbZ+5J3svwHfkS3PlR9Zfw2ko2ZT5LTNwxA/KS+aXEx7JcEwDaHR+0CBrHTI28SfoCyJnUFPnzN2shBTNkGE5gkx168ZAZDB4+mNI7PFR+/pzoa9dVe2zEcYh5N1AA3xF3Rh/beXrRGPRyDwQzGGs3jBMtxA6hXFsTeegzJwhJ6m0oJri5NII6a7/otWEQpx5EKVCN9YxFPwK7FbWuaNAYBPD20lMOYPVUNfwfdbERz2cIYatVW6joaoxiF9xvns13ZJMBk1b3byDKhZZ+8z7qUXCRtx+GZ+b/1462PoUt1BZX7oz6+8miC9CDF+iqixXQ2XcSRbqT7Oy5IkUXAPk1VEmXWh/7sinG2ohj79iwRFfqYWKXHThJO/T4qIBfUUgdsHuakuFNYM5EyZe6P9t1vQ+UrmGCkOiIdpklTEycG3ndHT9H+0wRoR547O3ilteVteuSVDdMR/XvyPZamIPZV6MbC4vgpodFO/1vdenTsIPQV/wqwwMkzoSe7wQZg1A81bFD4CeMgJmO8ZFfIBUczMLEw0s3kvg4o7vJ5yXMzVKjEob9V+D6w24kALruHy+EkilsOInqvYc2VJMy8XxMTUkCrCpkTamtVGcRBcHUn4KCPgoF3KFVJqOfNCFfnlq3JB+bwZ/cp1aF9JKvSotr6HEXGVkBILG7KDt3U3FEBu/+bYDi+kPP1/AgO8x28ZSVlESwaLORcv6Edt3t4lpQHvM9/+CV98I72ajisREmAb9MD0wITAJBgUrDgMCGgUABBRqgZ/wtxdW8d3M7waGVOjCkGjlQgQUGVtjR8gSWzJRRrxlbLNw5CafsKMCAgQA","password":"11","customFields":[]}'Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID of created certificate based on imported payload |
List available Enrollment Form Endpoints
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
Example request
$ curl 'https://cert-manager.com/api/person/v2/104/invitation/endpoint' -i -X GET \
-H 'login: admin_customer15098' \
-H 'password: Password123' \
-H 'customerUri: test'Request headers
| Name | Description |
|---|---|
|
User login name |
|
User password |
|
Customer URI part |
Response body
[{"id":70,"name":"test SMIME_WEB_FORM15104","url":"https://SMIME_WEB_FORM15105"}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of Enrollment Form Endpoints |
|
|
Endpoint ID |
|
|
Endpoint name |
|
|
Endpoint url |
List available Enrollment Form Accounts for specified Endpoint
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Person ID |
|
Client Certificate Enrollment Form Endpoint ID |
Example request
$ curl 'https://cert-manager.com/api/person/v2/103/invitation/endpoint/69/account' -i -X GET \
-H 'login: admin_customer15090' \
-H 'password: Password123' \
-H 'customerUri: test'Request headers
| Name | Description |
|---|---|
|
User login name |
|
User password |
|
Customer URI part |
Response body
[{"id":37,"name":"Client Cert Enrollment Form Account","profiles":["Client cert SASP -2034846737","Client cert SASP -779060493"]}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of Enrollment Form Endpoint Accounts |
|
|
Account ID |
|
|
Account name |
|
|
Array of profiles names |
Domain resource (Ver.1)
Create new domain
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Domain name |
[Must not be null, Size must be between 4 and 255 inclusive] |
description |
String |
Domain description (optional) |
[Must not be null, Size must be between 0 and 255 inclusive] |
active |
Boolean |
Required domain state |
Set 'false' if you want to create domain in suspended state |
delegations[] |
Array |
Domain delegations list |
[Must not be null, Size must be between 1 and 2147483647 inclusive] |
delegations[].orgId |
Number |
Organization ID |
|
delegations[].certTypes |
Array |
Domain delegation certificate types |
Allowed values: [SSL, SMIME, CodeSign] |
Example request
$ curl 'https://cert-manager.com/api/domain/v1' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14059' \
-H 'password: Password123' \
-H 'customerUri: cst14059' \
-d '{"name":"testdomain.com","description":"Domain created via REST API","active":true,"delegations":[{"orgId":50,"certTypes":["SSL","CodeSign","SMIME"]}]}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/domain/v1/57Delete domain
| Only MRAO admin can delete domains. |
Path parameters
| Parameter | Description |
|---|---|
|
Domain ID |
|
API version |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/59' -i -X DELETE \
-H 'login: admin_customer14069' \
-H 'password: Password123' \
-H 'customerUri: cst14069'Example response
HTTP/1.1 200 OKGet domain info
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Domain id |
|
|
Domain name |
|
|
Domain delegation status. Available values are: [ACTIVE, REQUESTED] |
|
|
Domain state. Available values are: [SUSPENDED, ACTIVE] |
|
|
Domain validation status. This field is shown only if DCV is enabled for customer. Available values are: [Not validated, Validated, Expired] |
|
|
DCV expiration date. This field is shown only if DCV is enabled for customer. Format: yyyy-MM-dd |
|
|
List of domain delegations, filtered by client admin credentials. |
|
|
Organization id |
|
|
Certificate types. Available values are: [SSL, SMIME, CodeSign] |
|
|
Delegation status. Available values are: [ACTIVE, REQUESTED] |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/50' -i -X GET \
-H 'login: admin_customer14089' \
-H 'password: Password123' \
-H 'customerUri: cst14089'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 206
{"id":50,"name":"testdomain.com","delegationStatus":"ACTIVE","state":"ACTIVE","validationStatus":"VALIDATED","dcvExpiration":"2020-08-08","delegations":[{"orgId":544,"certTypes":["SSL"],"status":"ACTIVE"}]}Get domain list
Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Name filter |
|
State filter, possible values [active, inactive] |
|
Status filter, possible values [requested, approved] |
|
Organization ID filter |
Example request
$ curl 'https://cert-manager.com/api/domain/v1?size=10&position=0' -i -X GET \
-H 'login: admin_customer14077' \
-H 'password: Password123' \
-H 'customerUri: cst14077'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested domains |
|
|
Domain ID |
|
|
Domain |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 125
[{"id":0,"name":"example0.com"},{"id":1,"name":"example1.com"},{"id":2,"name":"example2.com"},{"id":3,"name":"example3.com"}]Get domains count
Request parameters
| Parameter | Description |
|---|---|
|
Count of returned entries |
|
Position shift |
|
Name filter |
|
State filter, possible values [active, inactive] |
|
Status filter, possible values [requested, approved] |
|
Organization ID filter |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/count?size=10&position=0' -i -X GET \
-H 'login: admin_customer14039' \
-H 'password: Password123' \
-H 'customerUri: cst14039'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Count for domains |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 11
{"count":4}Activate domain
Example request
$ curl 'https://cert-manager.com/api/domain/v1/56/activate' -i -X PUT \
-H 'login: admin_customer14011' \
-H 'password: Password123' \
-H 'customerUri: cst14011'Example response
HTTP/1.1 200 OKSuspend domain
Example request
$ curl 'https://cert-manager.com/api/domain/v1/60/suspend' -i -X PUT \
-H 'login: admin_customer14121' \
-H 'password: Password123' \
-H 'customerUri: cst14121'Example response
HTTP/1.1 200 OKDelegate domain
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
certTypes |
Array |
Certificate types |
Allowed values: [SSL, SMIME, CodeSign] |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/50/delegation' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14015' \
-H 'password: Password123' \
-H 'customerUri: cst14015' \
-d '{"orgId":50,"certTypes":["SSL","CodeSign","SMIME"]}'Example response
HTTP/1.1 200 OKRemove domain delegation
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
certTypes |
Array |
Certificate types |
Allowed values: [SSL, SMIME, CodeSign] |
Path parameters
| Parameter | Description |
|---|---|
|
Domain ID. |
|
API version |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/50/delegation' -i -X DELETE \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14109' \
-H 'password: Password123' \
-H 'customerUri: cst14109' \
-d '{"orgId":50,"certTypes":["SSL","CodeSign","SMIME"]}'Example response
HTTP/1.1 200 OKApprove delegation
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
Path parameters
| Parameter | Description |
|---|---|
|
Domain ID. |
|
API version |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/50/delegation/approve' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14027' \
-H 'password: Password123' \
-H 'customerUri: cst14027' \
-d '{"orgId":50}'Example response
HTTP/1.1 200 OKReject delegation
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgId |
Number |
Organization ID |
[Must be at least 1, Must not be null] |
Path parameters
| Parameter | Description |
|---|---|
|
Domain ID. |
|
API version |
Example request
$ curl 'https://cert-manager.com/api/domain/v1/50/delegation/reject' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer14097' \
-H 'password: Password123' \
-H 'customerUri: cst14097' \
-d '{"orgId":50}'Example response
HTTP/1.1 200 OKOrganization resource (Ver.1)
Get organization list
Example request
$ curl 'https://cert-manager.com/api/organization/v1' -i -X GET \
-H 'login: admin_drao_customer14656' \
-H 'password: Password123' \
-H 'customerUri: cst14656'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested organizations |
|
|
Organization name |
|
|
Organization ID |
|
|
Departments array |
|
|
Department ID |
|
|
Department name |
|
|
Department’s parent organization name |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 166
[{"id":843,"name":"org4Test","departments":[{"id":844,"parentName":"org4Test","name":"department4Test"},{"id":845,"parentName":"org4Test","name":"department4Test"}]}]Get organization list by role
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
Client admin’s requested role |
Example request
$ curl 'https://cert-manager.com/api/organization/v1/managedBy/DRAO_SSL' -i -X GET \
-H 'login: admin_rao_customer14696' \
-H 'password: Password123' \
-H 'customerUri: cst14696'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested organizations |
|
|
Organization ID |
|
|
Organization name |
|
|
Department’s parent organization name |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 121
[{"id":864,"parentName":"org4Test","name":"department4Test"},{"id":865,"parentName":"org4Test","name":"department4Test"}]Get organization list by report type
Get organization list related to specific certificate profile.
Path parameters
| Parameter | Description |
|---|---|
|
Certificate type: SSL, Client, Device, CodeSign. |
Example request
$ curl 'https://cert-manager.com/api/organization/v1/report-type/SSL' -i -X GET \
-H 'login: admin_rao_customer14664' \
-H 'password: Password123' \
-H 'customerUri: cst14664'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Array of requested organizations |
|
|
Organization ID |
|
|
Organization name |
|
|
Departments |
|
|
Department ID |
|
|
Department name |
|
|
Department’s parent organization name |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 166
[{"id":847,"name":"org4Test","departments":[{"id":848,"parentName":"org4Test","name":"department4Test"},{"id":849,"parentName":"org4Test","name":"department4Test"}]}]Create organization
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
parentOrgName |
String |
Parent organization name |
[Must not be blank, Size must be between 0 and 64 inclusive] |
name |
String |
Organization or department name |
[Must not be blank, Size must be between 0 and 64 inclusive] |
address1 |
String |
Address 1 |
[Must not be blank, Size must be between 0 and 128 inclusive] |
address2 |
String |
Address 2 |
[Size must be between 0 and 128 inclusive] |
address3 |
String |
Address 3 |
[Size must be between 0 and 128 inclusive] |
city |
String |
City |
[Size must be between 0 and 32 inclusive, Either 'city' or 'stateProvince' must not be blank at least] |
stateProvince |
String |
State or Province |
[Size must be between 0 and 32 inclusive, Either 'city' or 'stateProvince' must not be blank at least] |
postalCode |
String |
Postal Code |
[Size must be between 0 and 10 inclusive] |
clientCertificate |
Object |
Client certificate details |
[Must not be null] |
clientCertificate.allowKeyRecoveryByMasterAdmins |
Boolean |
Allow key recovery by Master admins |
[] |
clientCertificate.allowKeyRecoveryByOrgAdmins |
Boolean |
Allow key recovery by Org admins |
[] |
clientCertificate.allowKeyRecoveryByDepartmentAdmins |
Boolean |
Allow key recovery by Department admins |
[] |
country |
String |
Country |
[Must not be blank, Size must be between 2 and 2 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/organization/v1' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: admin_customer14438' \
-H 'password: Password123' \
-H 'customerUri: cst14438' \
-d '{"parentOrgName":"org4Test","name":"TDINKICSGCGUARQRLPOYYEEJQLKXINXIDFXNHLHTXGXQTWJXLCIUXNSRYEMEGMUC","address1":"MJISYJKYGGAJEIQEVVRXOMESSXIFTWLUGRDIBMPIRYSROGWNDXZFCHRMKRNHGICBVGSVDQOQDVYRFAQLQLPNFKAXKAVUFWCLPRLVNOQFAYBUPSQRZFWLONVSUHTZNOWU","address2":"CMUOQETHXQLBXLMEXOUGHVOPWJVWWLDLDFUKVSCWRBBRGNJLDZDJKQISRRVLHVHVGWPDLWOSGZCGLPBQZMKURVKFZLINAXMZTGOTTDPMRNSMYXFMOGBCISPAFPBYAZUC","address3":"DHSSYQMRKVZXLBBVUIPMPMNKZTZMHDPAVDQHLTKWSSLTJXSFTTSTYXQEBTJGLAGECCENIIPLULJZXWIXXUVNHDYDQJOQPGNLHGSGZDUMZHANVOUKVQCSSWMZYFODCMRP","city":"FMBBNKJDNWRLEMEGZQCFFOHLWETBMHVF","stateProvince":"ZPREURVYAHPXJZSGBLRHZZMPIUDJRMYA","postalCode":"4144256779","country":"MP","clientCertificate":{"allowKeyRecoveryByMasterAdmins":true,"allowKeyRecoveryByOrgAdmins":false,"allowKeyRecoveryByDepartmentAdmins":true}}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/organization/v1/730Get organization details
Get detailed information about organization.
Path parameters
| Parameter | Description |
|---|---|
|
API version |
|
ID of organization whose details are being requested |
Example request
$ curl 'https://cert-manager.com/api/organization/v1/831' -i -X GET \
-H 'login: admin_rao_customer14632' \
-H 'password: Password123' \
-H 'customerUri: cst14632'Response fields
| Path | Type | Description |
|---|---|---|
|
|
Organization name |
|
|
Organization ID |
|
|
Address details |
|
|
Address details |
|
|
Address details |
|
|
City |
|
|
State or province |
|
|
Postal code |
|
|
Country |
|
|
Incorporating agency |
|
|
Main telephone number |
|
|
DUN and bradstreet number |
|
|
Company regisstration number |
|
|
Jurisdiction of incorporation city |
|
|
State of incorporation |
|
|
Country of incorporation |
|
|
Date of incorporation |
|
|
Business category |
|
|
Contract signer title |
|
|
Contract signer forename |
|
|
Contract signer surname |
|
|
Contract signer email |
|
|
Contract signer telephone number |
|
|
Contract signer street |
|
|
Contract signer locality |
|
|
Contract signer state |
|
|
Contract signer postal code |
|
|
Contract signer country |
|
|
Contract signer relationship |
|
|
Validation status |
|
|
Secondary validation status |
|
|
Allow key recovery by Master admins |
|
|
Allow key recovery by Org admins |
|
|
Allow key recovery by Department admins |
|
|
Array of allowed certificate types |
|
|
Departments array |
|
|
Department ID |
|
|
Department name |
|
|
Department’s parent organization name |
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1267
{"id":831,"name":"org4Test","certTypes":["SSL"],"departments":[{"id":832,"parentName":"org4Test","name":"department4Test"},{"id":833,"parentName":"org4Test","name":"department4Test"}],"address1":"Deribasovskaya 1","address2":"Street 2","address3":"Street 3","city":"Odesa","stateOrProvince":"Odeska oblast","postalCode":"65059","country":"UA","validationStatus":"Not Validated","secondaryValidationStatus":"Not Validated","clientCertificate":{"allowKeyRecoveryByMasterAdmins":true,"allowKeyRecoveryByOrgAdmins":true,"allowKeyRecoveryByDepartmentAdmins":true},"incorporatingAgency":"Inc Agency","mainTelephoneNumber":"22-22-22","dunAndBradstreetNumber":"123","companyRegistrationNumber":"234","jurisdictionOfIncorporationCity":"Jur City","stateOfIncorporation":"Jur State","countryOfIncorporation":"US","dateOfIncorporation":"03/07/2023","businessCategory":"Private Organization","contractSignerTitle":"Title","contractSignerForename":"Forename","contractSignerSurname":"Surname","contractSignerEmail":"some@email.com","contractSignerTelephoneNumber":"33-33-33","contractSignerStreet":"Street","contractSignerLocality":"Locality","contractSignerState":"State","contractSignerPostalCode":"12345","contractSignerCountry":"US","contractSignerRelationship":"Relationship"}Reports resource (Ver.1)
Several reports can be generated.
Certificate Status Codes
These codes can be used as parameters.
Code |
Status |
0 |
Any |
1 |
Requested |
2 |
Issued |
3 |
Revoked |
4 |
Expired |
5 |
Enrolled - Pending Download |
6 |
Not Enrolled |
7 |
Awaiting Approval |
8 |
Approved |
9 |
Applied |
10 |
Downloaded (Deprecated, Issued with "certificateDateAttribute" equal to "Date of Downloading" should be used instead) |
11 |
External (Deprecated, falls back to Issued. Issued with "certificateRequestSource" should be used instead) |
Date Attribute Type Codes
These codes can be used as parameters.
Code |
Attribute Type |
0 |
Date of Enrollment |
1 |
Date of Downloading |
2 |
Date of Revocation |
3 |
Date of Expiration |
4 |
Date of Request |
5 |
Date of Issuance |
6 |
Date of Invitation |
Activity Log Report
Retrieves a log of SCM activities for a customer’s account, including actions on Certificates and actions of Agents.
Example request
$ curl 'https://cert-manager.com/api/report/v1/activity' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15564' \
-H 'password: Password123' \
-H 'customerUri: cst15564' \
-d '{"from":"2019-01-01T00:00:00.000Z","to":"2019-01-31T00:00:00.000Z"}'Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
from |
String |
Activity log includes the events that occurred from this date (ISO format, YYYY-MM-DD) |
Filters the audit log records by 'created' date. |
to |
String |
Activity log includes the events that occurred not later than this date (ISO format, YYYY-MM-DD) |
Filters the audit log records by 'created' date. |
Response body
{"statusCode":0,"reports":[{"id":100500,"action":{"id":42,"actionName":"admin: login success"},"admin":{"login":"admin","fullName":"MRAO admin","email":"admin@somecompany.com"},"accessMethod":"UI access","address":"37.214.176.150","date":"2019-01-02T00:00:00.000+02:00"}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Report execution status code |
|
|
Array of reported activity log records with details |
|
|
Activity log record ID |
|
|
An access method used to perform the action |
|
|
Action timestamp |
|
|
Source IP address of the action request |
|
|
Activity log record description |
|
|
Action info |
|
|
Action ID |
|
|
Action name |
|
|
Organization info |
|
|
An organization name which this action is associated with |
|
|
Organization address line 1 |
|
|
Organization address line 2 |
|
|
Organization address line 3 |
|
|
Person info |
|
|
A person name which this action is associated with |
|
|
Person email |
|
|
Person GUID |
|
|
Admin user info |
|
|
An admin login which this action is associated with |
|
|
Admin full name |
|
|
Admin email |
|
|
Client certificate info |
|
|
Client certificate subject |
|
|
The obsolete parameter for the order identifier under which the client certificate request has been processed. backendCertId should be used instead |
|
|
Client certificate ID in enrolling backend |
|
|
SSL certificate info |
|
|
SSL certificate common name |
|
|
The obsolete parameter for the order identifier under which the SSL certificate request has been processed. backendCertId should be used instead |
|
|
SSL certificate ID in enrolling backend |
|
|
SSL certificate term (days) |
|
|
SSL certificate profile name |
|
|
Notification info |
|
|
Notification description |
SSL Certificates Report
Example request
$ curl 'https://cert-manager.com/api/report/v1/ssl-certificates' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15593' \
-H 'password: Password123' \
-H 'customerUri: cst15593' \
-d '{"from":"2019-01-01T00:00:00.000Z","to":"2019-01-31T00:00:00.000Z","organizationIds":[1102],"certificateStatus":1,"certificateDateAttribute":1,"certificateRequestSource":1,"serialNumberFormat":""}'Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
organizationIds |
Array |
Unique identifiers of the organizations. The report contains SSL certificates associated with these organizations. |
[] |
commonName |
String |
The report will contain only certs with Common Name pattern like this |
[Must match the regular expression: |
externalRequester |
String |
The report will contain only certs with External Requester pattern like this (case sensitive) |
[Size must be between 0 and 512 inclusive] |
certificateStatus |
Number |
Status ID of SSL certificates that are included in the report. |
The values applicable to this type of report are: [0(Any), 1(Requested), 2(Issued), 3(Revoked), 4(Expired)]. 11(External) - deprecated, see 'Certificate Status Codes' section for details. |
certificateDateAttribute |
Number |
Unique identifier of the date type. |
The values applicable to this type of report are: [2(Revocation Date), 3(Expiration Date), 4(Request Date), 5(Issuance Date)] |
from |
String |
The report contains SSL certificates which date, defined by 'certificateDateAttribute' request field, is not earlier than this date. |
ISO format, YYYY-MM-DD. Must be earlier than 'to' date. |
to |
String |
The report contains SSL certificates which date, defined by 'certificateDateAttribute' request field, is not later than this date. |
ISO format, YYYY-MM-DD. Must not be earlier than 'from' date. |
certificateRequestSource |
Number |
The source a certificate has been requested from. |
The values applicable to this type of report are: 0 (Enrollment Form) 1 (Client Admin) 2 (Web API) 3 (Discovery) 4 (Imported) 5 (SCEP) 7 (MS Agent) 9 (Bulk Request) 10 (ACME) 11 (EST) 12 (REST API) |
serialNumberFormat |
String |
Special format of a Serial Number, if required. |
If the value specified is 'HEXWithLeadingZeros', then report contains certificate serial numbers in HEX format without leading zeros stripped. |
Response body
{"statusCode":0,"reports":[{"id":42,"type":"Extended Wildcard Premium Customized","typeId":1046,"orgId":51,"commonName":"gov.bb","subjAltNames":"dNSName=www.gov.bb","status":"Requested","requester":"admin@somecompany.com","organizationName":"Office of Strategic Influence","serverType":"OTHER","requestedVia":"API","term":365,"comments":"Enrolled by urgent request","requested":"2019-01-02T00:00:00.000+02:00","serialNumber":"","city":"Bridgetown","state":"St. Michael","country":"BB","publicKeyAlg":"RSA","publicKeySize":"2048","publicKeyType":"RSA - 2048","customFields":[{"name":"Priority","value":"Medium"}]}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Report execution status code |
|
|
Array of reported SSL certificates with details |
|
|
Certificate common name |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form |
|
|
An organization ID which this certificate is associated with |
|
|
An organization name which this certificate is associated with |
|
|
An organization city which this certificate is associated with |
|
|
An organization state which this certificate is associated with |
|
|
An organization country which this certificate is associated with |
|
|
The status of this certificate |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
Deprecated |
|
|
Deprecated |
|
|
Certificate Profile ID |
|
|
Certificate Profile name |
|
|
Term (days) |
|
|
The subject of the issuing CA certificate |
|
|
Requester |
|
|
Approver |
|
|
External requester |
|
|
Comments |
|
|
Requested date |
|
|
Approved date |
|
|
Declined date |
|
|
Downloaded date |
|
|
Expiration date |
|
|
Revocation date |
|
|
Replaced date |
|
|
IP addresses |
|
|
Key algorithm (deprecated, see "publicKeyType") |
|
|
Key size (deprecated, see "publicKeyType") |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
Subject alternative names |
|
|
SSL Serial Number |
|
|
Requested Via. Possible values: 'WEB_FORM', 'CLIENT_ADMIN', 'API', 'DISCOVERY', 'IMPORTED', 'SCEP', 'CD_AGENT', 'MS_AGENT', 'MS_CA', 'BULK_REQUEST', 'ACME', 'EST', 'REST' |
|
|
SHA1 Hash |
|
|
MD5 Hash |
|
|
Custom fields |
|
|
Custom field name |
|
|
Custom field value |
Client Certificates Report
Example request
$ curl 'https://cert-manager.com/api/report/v1/client-certificates' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15568' \
-H 'password: Password123' \
-H 'customerUri: cst15568' \
-d '{"from":"2019-01-01T00:00:00.000Z","to":"2019-01-31T00:00:00.000Z","organizationIds":[1088],"certificateStatus":3,"certificateDateAttribute":1}'Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
organizationIds |
Array |
Unique identifiers of the organizations. The report contains Client certificates associated with these organizations. |
[] |
certificateStatus |
Number |
Status ID of Client certificates that are included in the report. |
The values applicable to this type of report are: [0(Any), 2(Enrolled), 3(Revoked), 4(Expired), 5(Enrolled - Pending Download), 6(Not Enrolled)]. 2(Enrolled) - Former 'Enrolled - Downloaded'. Use with "certificateDateAttribute" equal to "Date of Downloading" to get old semantic. Person list (without client certificates) will be present in the report as well for values: [0(Any), 6(Not Enrolled)] |
certificateDateAttribute |
Number |
Unique identifier of the date type. |
The values applicable to this type of report are: [0(Enrolled Date), 1(Downloaded Date), 2(Revocation Date), 3(Expiration Date)] |
from |
String |
The report contains Client certificates which date, defined by 'certificateDateAttribute' request field, is not earlier than this date. |
ISO format, YYYY-MM-DD. Must be earlier than 'to' date. |
to |
String |
The report contains Client certificates which date, defined by 'certificateDateAttribute' request field, is not later than this date. |
ISO format, YYYY-MM-DD. Must not be earlier than 'from' date. |
Response body
{"statusCode":0,"reports":[{"id":42,"person":{"name":"MRAO admin","email":"admin@somecompany.com","guid":"b89499c0-6329-359e-8a9f-1a42a7afa0c3"},"organization":{"id":"1","name":"Office of Strategic Influence"},"subject":"MRAO admin<admin@somecompany.com>","email":"admin@somecompany.com","orderNumber":100500,"backendCertId":"100500","enrolled":"2019-01-02T00:00:00.000+02:00","expire":"2019-01-03T00:00:00.000+02:00","enrollType":"Self Enroll"}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Report execution status code |
|
|
Array of reported client certificates with details |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form |
|
|
Certificate subject |
|
|
Certificate email |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
Enrolled date |
|
|
Expiration date |
|
|
Enrollment type. Possible values: 'Admin Enroll', 'Self Enroll', 'API Enroll', 'Auto Enroll', 'CSV Enroll', 'SCEP Enroll', 'IdP Enroll', 'MS Agent Enroll', 'Discovery', 'MS CA Enroll', 'Imported', 'EST Enroll', 'REST Enroll API' |
|
|
Organization info |
|
|
Organization ID |
|
|
An organization name which this certificate is associated with |
|
|
Person info |
|
|
A person name which this certificate is associated with |
|
|
Person email |
|
|
Person GUID |
Device Certificates Report
Example request
$ curl 'https://cert-manager.com/api/report/v1/device-certificates' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15576' \
-H 'password: Password123' \
-H 'customerUri: cst15576' \
-d '{"from":"2023-03-06T22:17:24.880Z","to":"2023-03-08T22:17:24.880Z","certificateStatus":8,"certificateDateAttribute":4,"serialNumberFormat":""}'Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
organizationIds |
Array |
Unique identifiers of the organizations. The report contains Device certificates associated with these organizations. |
[] |
certificateStatus |
Number |
Status ID of Device certificates that are included in the report. |
The values applicable to this type of report are: [0(Any), 7(Awaiting Approval), 8(Approved), 9(Applied), 2(Issued), 3(Revoked), 4(Expired)]. 10(Downloaded) - deprecated, see 'Certificate Status Codes' section for details. |
certificateDateAttribute |
Number |
Unique identifier of the date type. |
The values applicable to this type of report are: [2(Revocation Date), 3(Expiration Date), 4(Request Date), 5(Issuance Date)] |
from |
String |
The report contains Device certificates which date, defined by 'certificateDateAttribute' request field, is not earlier than this date. |
ISO format, YYYY-MM-DD. Must be earlier than 'to' date. |
to |
String |
The report contains Device certificates which date, defined by 'certificateDateAttribute' request field, is not later than this date. |
ISO format, YYYY-MM-DD. Must not be earlier than 'from' date. |
serialNumberFormat |
String |
Special format of a Serial Number, if required. |
If the value specified is 'HEXWithLeadingZeros', then report contains certificate serial numbers in HEX format without leading zeros stripped. |
Response body
{"statusCode":0,"reports":[{"id":93,"commonName":"34356576543tnl54hgnu49u90g","organization":{"id":"1092","name":"org4Test"},"deviceCertStatus":"Approved","subject":"C=UA,ST=Odessa,L=Odessa,O=Test,OU=Test,CN=Test,E=test@test.test","email":"Someone@nobody.comodo.od.ua","city":"","state":"","country":"","orderNumber":100500,"backendCertId":"100500","serialNumber":"","certTypeName":"Device cert SASP -907490468","expire":"2024-03-06T22:17:24.843+02:00","enrollType":"API","keyAlgorithm":"RSA","keySize":2048,"keyType":"RSA - 2048","signatureAlgorithm":""}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Report execution status code |
|
|
Array of reported device certificates with details |
|
|
An ID using which this certificate can be renewed or revoked through Enrollment form |
|
|
Certificate common name |
|
|
Certificate subject |
|
|
An organization city which this certificate is associated with |
|
|
An organization state which this certificate is associated with |
|
|
An organization country which this certificate is associated with |
|
|
The status of this certificate |
|
|
Device certificate serial number |
|
|
Certificate email |
|
|
The obsolete parameter for the order identifier under which the certificate request has been processed. backendCertId should be used instead |
|
|
Certificate ID in enrolling backend |
|
|
Enrolled date |
|
|
Expiration date |
|
|
Enrollment type. Possible values: 'API', 'DISCOVERY', 'API_APPROVAL', 'SELF_ENROLLMENT', 'SCEP_ENROLL', 'MS_CA', 'MS_CA_ENROLL_ON_BEHALF', 'UI', 'EST_ENROLL', 'REST_ENROLL' |
|
|
Key algorithm (deprecated, see "keyType") |
|
|
Key size (deprecated, see "keyType") |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
Key type. For example: RSA - 2048, EC - P-256. |
|
|
Certificate Profile name |
|
|
Key usage extensions define the purpose of the public key contained in a certificate |
|
|
Extended key usage further refines key usage extensions |
|
|
Certificate authority ID |
|
|
Certificate authority name |
|
|
Organization info |
|
|
Organization ID |
|
|
An organization name which this certificate is associated with |
Domains Report
Example request
$ curl 'https://cert-manager.com/api/report/v1/domains' -i -X POST \
-H 'Content-Type: application/json;charset=utf-8' \
-H 'login: admin_customer15584' \
-H 'password: Password123' \
-H 'customerUri: cst15584'HTTP request
POST /api/report/v1/domains HTTP/1.1
Content-Type: application/json;charset=utf-8
login: admin_customer15584
password: Password123
customerUri: cst15584
Host: cert-manager.comResponse body
{"statusCode":0,"reports":[{"id":42,"name":"gov.bb","status":"ACTIVE","requested":"2019-01-02T00:00:00.000+02:00","dcvStatus":"Validated","stickyUntil":"2019-01-03T00:00:00.000+02:00"}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Report execution status code |
|
|
Array of reported domain records with details |
|
|
Domain id |
|
|
Domain name |
|
|
Domain state. Available values are: [Suspended, Active] |
|
|
Domain requested date |
|
|
DCV expiration date |
|
|
Domain control validation status. Possible values: 'Not Initiated', 'Validated', 'Action Required', 'Expired' |
ACME account resource (Ver.1)
Create new ACME account
HTTP request
POST /api/acme/v1/account HTTP/1.1
Content-Type: application/json
login: nick-15272
password: Password123
customerUri: cst15267
Content-Length: 536
Host: cert-manager.com
{"acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1043,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"}}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
acmeServer |
String |
ACME account server name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
organizationId |
Number |
ACME account organization ID |
[Must be at least 1, Must not be null] |
evDetails.orgName |
String |
EV organization name |
[Must not be blank, Size must be between 0 and 128 inclusive] |
evDetails.orgCountry |
String |
EV organization country |
[Size must be between 2 and 2 inclusive] |
evDetails.postOfficeBox |
String |
EV organization post office box |
[Size must be between 0 and 40 inclusive] |
evDetails.orgAddress1 |
String |
EV organization address 1 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgAddress2 |
String |
EV organization address 2 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgAddress3 |
String |
EV organization address 3 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgLocality |
String |
EV organization city |
[Size must be between 0 and 128 inclusive] |
evDetails.orgStateOrProvince |
String |
EV organization state/province |
[Size must be between 0 and 128 inclusive] |
evDetails.orgPostalCode |
String |
EV organization postal code |
[Size must be between 0 and 40 inclusive] |
evDetails.orgJoiState |
String |
EV organization state or province of incorporation |
[Size must be between 0 and 128 inclusive] |
evDetails.orgJoiCountry |
String |
EV organization country of incorporation |
[Size must be between 2 and 2 inclusive] |
evDetails.orgJoiLocality |
String |
EV organization jurisdiction of incorporation city or town |
[Size must be between 0 and 128 inclusive] |
evDetails.assumedName |
String |
EV organization assumed name |
[Size must be between 0 and 128 inclusive] |
evDetails.businessCategory |
String |
EV organization business category. Values: [PrivateOrganization, GovernmentEntity, BusinessEntity, NonCommercialEntity] |
[] |
evDetails.dateOfIncorporation |
String |
EV organization date of incorporation |
[Size must be between 8 and 8 inclusive] |
evDetails.companyNumber |
String |
EV organization registration number |
[Size must be between 0 and 25 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: nick-15272' \
-H 'password: Password123' \
-H 'customerUri: cst15267' \
-d '{"acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1043,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"}}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/acme/v1/account/60Response headers
| Name | Description |
|---|---|
|
New ACME account resource added on Private CA |
List ACME accounts
HTTP request
GET /api/acme/v1/account?position=0&size=10&organizationId=1052&name=OV+ACME+Account&acmeServer=OV+ACME+Server&status=Pending HTTP/1.1
login: nick-15335
password: Password123
customerUri: cst15330
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
Organization ID. You can append '%2C-2' (e.g. organizationId=105%2C-2) URL-encoded suffix for none departments selection, only organization(e.g. with ID=105) itself. |
|
ACME account name |
|
ACME account server name |
|
ACME account server validation type. Values: [DV, OV, EV] |
|
ACME account status |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account?position=0&size=10&organizationId=1052&name=OV+ACME+Account&acmeServer=OV+ACME+Server&status=Pending' -i -X GET \
-H 'login: nick-15335' \
-H 'password: Password123' \
-H 'customerUri: cst15330'Example response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 407
[{"id":71,"accountId":"bf0e6668-265d-46b2-bec0-aa172a4f76f3","macId":"bf0e6668-265d-46b2-bec0-aa172a4f76f3","macKey":"d7215fe4-4be5-4084-a6fe-dcf51c9f538b","acmeServer":"OV ACME Server","name":"OV ACME Account","organizationId":1052,"certValidationType":"OV","status":"Pending","ovOrderNumber":1432381264,"evDetails":{},"contacts":"","domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME accounts existing on SASP public CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of ACME accounts |
|
|
ACME account entity ID |
|
|
ACME account name |
|
|
ACME account status |
|
|
ACME account HMAC key |
|
|
ACME account key ID |
|
|
ACME account server name |
|
|
ACME account organization ID |
|
|
ACME account server validation type. Values: [DV, OV, EV] |
|
|
ACME account ID |
|
|
OV order number |
|
|
ACME account contacts |
|
|
ACME account EV details |
|
|
ACME account domains |
|
|
ACME account domain name |
Find ACME account by ID
HTTP request
GET /api/acme/v1/account/67 HTTP/1.1
login: nick-15320
password: Password123
customerUri: cst15315
Accept: application/json
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ACME account entity ID |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account/67' -i -X GET \
-H 'login: nick-15320' \
-H 'password: Password123' \
-H 'customerUri: cst15315' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 807
{"id":67,"accountId":"37d1bfda-84c9-4d50-94d4-2a3be89ced47","macId":"37d1bfda-84c9-4d50-94d4-2a3be89ced47","macKey":"147b3304-6358-4366-8ce4-2f9e47db4576","acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1050,"certValidationType":"EV","status":"Pending","ovOrderNumber":0,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"},"contacts":"","domains":[{"name":"domain.ccmqa.com"}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
ACME account entity ID |
|
|
ACME account name |
|
|
ACME account status |
|
|
ACME account HMAC key |
|
|
ACME account key ID |
|
|
ACME account server name |
|
|
ACME account organization ID |
|
|
ACME account server validation type. Values: [DV, OV, EV] |
|
|
ACME account ID |
|
|
OV order number |
|
|
ACME account contacts |
|
|
ACME account EV details |
|
|
EV organization name |
|
|
EV organization country |
|
|
EV organization post office box |
|
|
EV organization address 1 |
|
|
EV organization address 2 |
|
|
EV organization address 3 |
|
|
EV organization city |
|
|
EV organization state/province |
|
|
EV organization postal code |
|
|
EV organization state or province of incorporation |
|
|
EV organization country of incorporation |
|
|
EV organization jurisdiction of incorporation city or town |
|
|
EV organization assumed name |
|
|
EV organization business category. Values: [PrivateOrganization, GovernmentEntity, BusinessEntity, NonCommercialEntity] |
|
|
EV organization date of incorporation |
|
|
EV organization registration number |
|
|
ACME account domains |
|
|
ACME account domain name |
Update ACME account
HTTP request
PUT /api/acme/v1/account/76 HTTP/1.1
Content-Type: application/json
login: nick-15365
password: Password123
customerUri: cst15360
Content-Length: 34
Host: cert-manager.com
{"name":"EV ACME Account Updated"}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account/76' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'login: nick-15365' \
-H 'password: Password123' \
-H 'customerUri: cst15360' \
-d '{"name":"EV ACME Account Updated"}'Example response
HTTP/1.1 200 OKDelete ACME account
HTTP request
DELETE /api/acme/v1/account/62 HTTP/1.1
login: nick-15289
password: Password123
customerUri: cst15284
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ID of ACME account that being deleted |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account/62' -i -X DELETE \
-H 'login: nick-15289' \
-H 'password: Password123' \
-H 'customerUri: cst15284'Example response
HTTP/1.1 204 No ContentAdd domains to ACME account
HTTP request
POST /api/acme/v1/account/52/domains HTTP/1.1
Content-Type: application/json
login: nick-15241
password: Password123
customerUri: cst15236
Content-Length: 73
Host: cert-manager.com
{"domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domains[] |
Array |
Domains list |
[Must not be empty] |
domains[].name |
String |
Domain name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account/52/domains' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: nick-15241' \
-H 'password: Password123' \
-H 'customerUri: cst15236' \
-d '{"domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 40
{"notAddedDomains":["domain.ccmqa.com"]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Domains not added to the ACME account upon update operation |
Remove domains from ACME account
HTTP request
DELETE /api/acme/v1/account/65/domains HTTP/1.1
Content-Type: application/json
login: nick-15304
password: Password123
customerUri: cst15299
Content-Length: 76
Host: cert-manager.com
{"domains":[{"name":"domain.ccmqa.com.ua"},{"name":"sub.domain.ccmqa.com"}]}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domains[] |
Array |
Domains list |
[Must not be empty] |
domains[].name |
String |
Domain name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/account/65/domains' -i -X DELETE \
-H 'Content-Type: application/json' \
-H 'login: nick-15304' \
-H 'password: Password123' \
-H 'customerUri: cst15299' \
-d '{"domains":[{"name":"domain.ccmqa.com.ua"},{"name":"sub.domain.ccmqa.com"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"notRemovedDomains":["domain.ccmqa.com.ua"]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Domains not removed from the ACME account upon update operation |
ACME account resource (Ver.2)
Create new ACME account
HTTP request
POST /api/acme/v2/account HTTP/1.1
Content-Type: application/json
login: nick-15411
password: Password123
customerUri: cst15406
Content-Length: 536
Host: cert-manager.com
{"acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1063,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"}}Path parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
acmeServer |
String |
ACME account server name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
organizationId |
Number |
ACME account organization ID |
[Must be at least 1, Must not be null] |
evDetails.orgName |
String |
EV organization name |
[Must not be blank, Size must be between 0 and 128 inclusive] |
evDetails.orgCountry |
String |
EV organization country |
[Size must be between 2 and 2 inclusive] |
evDetails.postOfficeBox |
String |
EV organization post office box |
[Size must be between 0 and 40 inclusive] |
evDetails.orgAddress1 |
String |
EV organization address 1 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgAddress2 |
String |
EV organization address 2 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgAddress3 |
String |
EV organization address 3 |
[Size must be between 0 and 128 inclusive] |
evDetails.orgLocality |
String |
EV organization city |
[Size must be between 0 and 128 inclusive] |
evDetails.orgStateOrProvince |
String |
EV organization state/province |
[Size must be between 0 and 128 inclusive] |
evDetails.orgPostalCode |
String |
EV organization postal code |
[Size must be between 0 and 40 inclusive] |
evDetails.orgJoiState |
String |
EV organization state or province of incorporation |
[Size must be between 0 and 128 inclusive] |
evDetails.orgJoiCountry |
String |
EV organization country of incorporation |
[Size must be between 2 and 2 inclusive] |
evDetails.orgJoiLocality |
String |
EV organization jurisdiction of incorporation city or town |
[Size must be between 0 and 128 inclusive] |
evDetails.assumedName |
String |
EV organization assumed name |
[Size must be between 0 and 128 inclusive] |
evDetails.businessCategory |
String |
EV organization business category. Values: [PrivateOrganization, GovernmentEntity, BusinessEntity, NonCommercialEntity] |
[] |
evDetails.dateOfIncorporation |
String |
EV organization date of incorporation |
[Size must be between 8 and 8 inclusive] |
evDetails.companyNumber |
String |
EV organization registration number |
[Size must be between 0 and 25 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: nick-15411' \
-H 'password: Password123' \
-H 'customerUri: cst15406' \
-d '{"acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1063,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"}}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/acme/v2/account/89Response headers
| Name | Description |
|---|---|
|
New ACME account resource added on Private CA |
List ACME accounts
HTTP request
GET /api/acme/v2/account?position=0&size=10&organizationId=1072&name=OV+ACME+Account&acmeServer=OV+ACME+Server&status=Pending HTTP/1.1
login: nick-15474
password: Password123
customerUri: cst15469
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
Organization ID. You can append '%2C-2' (e.g. organizationId=105%2C-2) URL-encoded suffix for none departments selection, only organization(e.g. with ID=105) itself. |
|
ACME account name |
|
ACME account server name |
|
ACME account server validation type. Values: [DV, OV, EV] |
|
ACME account status |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account?position=0&size=10&organizationId=1072&name=OV+ACME+Account&acmeServer=OV+ACME+Server&status=Pending' -i -X GET \
-H 'login: nick-15474' \
-H 'password: Password123' \
-H 'customerUri: cst15469'Example response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 335
[{"id":100,"accountId":"fbd06cb3-1684-42d7-acc6-a3d334182210","macId":"fbd06cb3-1684-42d7-acc6-a3d334182210","macKey":"dce0355a-dd84-42ab-b6ac-19421e1523f2","acmeServer":"OV ACME Server","name":"OV ACME Account","organizationId":1072,"certValidationType":"OV","status":"Pending","ovOrderNumber":768113884,"evDetails":{},"contacts":""}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME accounts existing on SASP public CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of ACME accounts |
|
|
ACME account entity ID |
|
|
ACME account name |
|
|
ACME account status |
|
|
ACME account HMAC key |
|
|
ACME account key ID |
|
|
ACME account server name |
|
|
ACME account organization ID |
|
|
ACME account server validation type. Values: [DV, OV, EV] |
|
|
ACME account ID |
|
|
OV order number |
|
|
ACME account contacts |
|
|
ACME account EV details |
Find ACME account by ID
HTTP request
GET /api/acme/v2/account/96 HTTP/1.1
login: nick-15459
password: Password123
customerUri: cst15454
Accept: application/json
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ACME account entity ID |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/96' -i -X GET \
-H 'login: nick-15459' \
-H 'password: Password123' \
-H 'customerUri: cst15454' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 767
{"id":96,"accountId":"d701a437-324c-4080-80f2-653a3bbb55d4","macId":"d701a437-324c-4080-80f2-653a3bbb55d4","macKey":"d335d0e4-a990-4a3a-b663-4ffe9d45a51e","acmeServer":"EV ACME Server","name":"EV ACME Account","organizationId":1070,"certValidationType":"EV","status":"Pending","ovOrderNumber":0,"evDetails":{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"},"contacts":""}Response fields
| Path | Type | Description |
|---|---|---|
|
|
ACME account entity ID |
|
|
ACME account name |
|
|
ACME account status |
|
|
ACME account HMAC key |
|
|
ACME account key ID |
|
|
ACME account server name |
|
|
ACME account organization ID |
|
|
ACME account server validation type. Values: [DV, OV, EV] |
|
|
ACME account ID |
|
|
OV order number |
|
|
ACME account contacts |
|
|
ACME account EV details |
|
|
EV organization name |
|
|
EV organization country |
|
|
EV organization post office box |
|
|
EV organization address 1 |
|
|
EV organization address 2 |
|
|
EV organization address 3 |
|
|
EV organization city |
|
|
EV organization state/province |
|
|
EV organization postal code |
|
|
EV organization state or province of incorporation |
|
|
EV organization country of incorporation |
|
|
EV organization jurisdiction of incorporation city or town |
|
|
EV organization assumed name |
|
|
EV organization business category. Values: [PrivateOrganization, GovernmentEntity, BusinessEntity, NonCommercialEntity] |
|
|
EV organization date of incorporation |
|
|
EV organization registration number |
Update ACME account
HTTP request
PUT /api/acme/v2/account/105 HTTP/1.1
Content-Type: application/json
login: nick-15504
password: Password123
customerUri: cst15499
Content-Length: 34
Host: cert-manager.com
{"name":"EV ACME Account Updated"}Path parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/105' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'login: nick-15504' \
-H 'password: Password123' \
-H 'customerUri: cst15499' \
-d '{"name":"EV ACME Account Updated"}'Example response
HTTP/1.1 200 OKDelete ACME account
HTTP request
DELETE /api/acme/v2/account/91 HTTP/1.1
login: nick-15428
password: Password123
customerUri: cst15423
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ID of ACME account that being deleted |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/91' -i -X DELETE \
-H 'login: nick-15428' \
-H 'password: Password123' \
-H 'customerUri: cst15423'Example response
HTTP/1.1 204 No ContentAdd domains to ACME account
HTTP request
POST /api/acme/v2/account/81/domain HTTP/1.1
Content-Type: application/json
login: nick-15380
password: Password123
customerUri: cst15375
Content-Length: 73
Host: cert-manager.com
{"domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}Path parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domains[] |
Array |
Domains list |
[Must not be empty] |
domains[].name |
String |
Domain name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/81/domain' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: nick-15380' \
-H 'password: Password123' \
-H 'customerUri: cst15375' \
-d '{"domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 40
{"notAddedDomains":["domain.ccmqa.com"]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Domains not added to the ACME account upon update operation |
List ACME account’s domains
HTTP request
GET /api/acme/v2/account/115/domain?position=0&size=10&name=.*&expiresWithinNextDays=365&stickyExpiresWithinNextDays=365 HTTP/1.1
login: nick-15549
password: Password123
customerUri: cst15544
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
SCM internal ID of ACME account whose domains are requested. |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
The RegExp that can be used as a filter to get ACME account domains whose names match against. Special characters should be URL-encoded e.g. \. ⇒ %5C%2E |
|
Number of days(from current date) that is used as a filter to get ACME account’s domains whose 'validUntil' field(date) falls within the specifies time period, so during which ACME account’s domain validation will be or already has(in case of negative number) expired.Zero number of days means today, negative number of days means before today, positive number of days means after today. |
|
Number of days(from current date) that is used as a filter to get ACME account’s domains whose 'stickyUntil' field(date) falls within the specifies time period, so during which ACME account domain validation sticky will be or already has(in case of negative number) expired. Zero number of days means today, negative number of days means before today, positive number of days means after today. |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/115/domain?position=0&size=10&name=.*&expiresWithinNextDays=365&stickyExpiresWithinNextDays=365' -i -X GET \
-H 'login: nick-15549' \
-H 'password: Password123' \
-H 'customerUri: cst15544'Example response
HTTP/1.1 200 OK
X-Total-Count: 2
Content-Type: application/json
Content-Length: 289
[{"name":"domain.ccmqa.com","validUntil":"2024-03-06T20:17:06.051Z","stickyUntil":"2024-03-06T20:17:06.051Z","ovAnchorOrderNumber":1970510681},{"name":"sub.domain.ccmqa.com","validUntil":"2024-03-06T20:17:06.052Z","stickyUntil":"2024-03-06T20:17:06.052Z","ovAnchorOrderNumber":1970510681}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME account’s domains existing on Public(SASP) CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
ACME account’s domains |
|
|
ACME account domain name |
|
|
ACME account domain validation until date in ISO-8601 format |
|
|
ACME account domain validation sticky until date in ISO-8601 format |
|
|
ACME account validated domain OV order number from SASP public CA |
|
|
ACME account validated domain EV order number from SASP public CA |
Remove domains from ACME account
HTTP request
DELETE /api/acme/v2/account/94/domain HTTP/1.1
Content-Type: application/json
login: nick-15443
password: Password123
customerUri: cst15438
Content-Length: 76
Host: cert-manager.com
{"domains":[{"name":"domain.ccmqa.com.ua"},{"name":"sub.domain.ccmqa.com"}]}Path parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
domains[] |
Array |
Domains list |
[Must not be empty] |
domains[].name |
String |
Domain name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/94/domain' -i -X DELETE \
-H 'Content-Type: application/json' \
-H 'login: nick-15443' \
-H 'password: Password123' \
-H 'customerUri: cst15438' \
-d '{"domains":[{"name":"domain.ccmqa.com.ua"},{"name":"sub.domain.ccmqa.com"}]}'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"notRemovedDomains":["domain.ccmqa.com.ua"]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Domains not removed from the ACME account upon update operation |
List ACME account’s clients
HTTP request
GET /api/acme/v2/account/112/client?position=0&size=10&userAgent=acme&ipAddress=10.1&contacts=%40contact.test&status=valid&status=pending&lastActivityWithinPrevDays=0 HTTP/1.1
login: nick-15534
password: Password123
customerUri: cst15529
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
SCM internal ID of ACME account whose clients are requested. |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
The any substring of ACME account client’s 'userAgent' field to match against |
|
The any substring of ACME account client’s 'ipAddress' field to match against |
|
The status string of ACME account client’s 'status' field to equal |
|
Number of days(from end of the current day to the past) that is used as a filter to get ACME account’s clients whose 'lastActivity' field(date) falls within the specifies time period, so during which ACME account’s client was last active (connected/requested the SASP public CA). |
|
The any substring of ACME account client’s 'contacts' field to match against |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/112/client?position=0&size=10&userAgent=acme&ipAddress=10.1&contacts=%40contact.test&status=valid&status=pending&lastActivityWithinPrevDays=0' -i -X GET \
-H 'login: nick-15534' \
-H 'password: Password123' \
-H 'customerUri: cst15529'Example response
HTTP/1.1 200 OK
X-Total-Count: 2
Content-Type: application/json
Content-Length: 603
[{"id":69,"accountId":"FswPwHxLUh-caoO3AAAAAA==","ipAddress":"10.18.8.143","userAgent":"CertbotACMEClient/1.22.0 (certbot; Ubuntu 18.04.6 LTS) Authenticator/standalone Installer/None (certonly; flags: n) Py/3.6.9","status":"pending","lastActivity":"2023-03-07T20:05:43.492Z","contacts":"client2.1@contact.test, client2.2@contact.test"},{"id":68,"accountId":"FmcZgzSqt6TpAtQFAAAAAA==","ipAddress":"10.17.7.152","userAgent":"lego-cli/4.2.0 xenolf-acme/4.2.0 (release; windows; amd64)","status":"valid","lastActivity":"2023-03-07T20:05:43.492Z","contacts":"client1.1@contact.test, client1.2@contact.test"}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME account’s clients existing on Public(SASP) CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
ACME account’s clients |
|
|
Internal SCM identifier of ACME account client |
|
|
ACME account client’s accountID. Note this identifier is concerning to the ACME client itself, but not to its parent ACME account. |
|
|
ACME account client’s user agent name |
|
|
IP address of host from where the ACME account’s client was last active |
|
|
ACME account client’s status |
|
|
Date when ACME account’s client was last active |
|
|
ACME account client’s contacts |
Delete ACME account’s client
HTTP request
DELETE /api/acme/v2/account/109/client/66 HTTP/1.1
login: nick-15519
password: Password123
customerUri: cst15514
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v2) |
|
ID of ACME account whose client will being deleted |
|
ID of ACME account’s client that being deleted |
Example request
$ curl 'https://cert-manager.com/api/acme/v2/account/109/client/66' -i -X DELETE \
-H 'login: nick-15519' \
-H 'password: Password123' \
-H 'customerUri: cst15514'Example response
HTTP/1.1 204 No ContentPrivate CA’s ACME account resource
Create new Private CA’s ACME account
HTTP request
POST /api/acme/v1/pca/account HTTP/1.1
Content-Type: application/json
login: nick-15144
password: Password123
customerUri: cst15139
Content-Length: 134
Host: cert-manager.com
{"acmeServer":"Universal ACME Server","name":"Universal ACME Account","organizationId":1000,"profileName":"SSL PRIVATE_CA 1265674234"}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Universal ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
acmeServer |
String |
Universal ACME account server name |
[Must not be blank, Size must be between 1 and 1024 inclusive] |
organizationId |
Number |
Universal ACME account organization ID |
[Must be at least 1, Must not be null] |
profileName |
String |
Universal ACME account profile name |
[Must not be empty] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account' -i -X POST \
-H 'Content-Type: application/json' \
-H 'login: nick-15144' \
-H 'password: Password123' \
-H 'customerUri: cst15139' \
-d '{"acmeServer":"Universal ACME Server","name":"Universal ACME Account","organizationId":1000,"profileName":"SSL PRIVATE_CA 1265674234"}'Example response
HTTP/1.1 201 Created
Location: https://cert-manager.com/api/acme/v1/pca/account/11Response headers
| Name | Description |
|---|---|
|
New ACME account resource added on Private CA |
List Private CA’s ACME accounts
HTTP request
GET /api/acme/v1/pca/account?position=0&size=10&organizationId=1008&name=Universal+ACME+Account&acmeServer=Universal+ACME+Server HTTP/1.1
login: nick-15186
password: Password123
customerUri: cst15181
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
Organization ID |
|
Universal ACME account name |
|
Universal ACME account server name |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account?position=0&size=10&organizationId=1008&name=Universal+ACME+Account&acmeServer=Universal+ACME+Server' -i -X GET \
-H 'login: nick-15186' \
-H 'password: Password123' \
-H 'customerUri: cst15181'Example response
HTTP/1.1 200 OK
X-Total-Count: 1
Content-Type: application/json
Content-Length: 297
[{"id":15,"accountId":"b1056e8a-3d26-4e02-b567-a01a3a2c7911","macId":"eyJpZCI6MTUsInR5cGUiOiJQUklWQVRFX0FDTUUifQ==","macKey":"394b8985-78b9-4127-817a-4273f57ecc56","acmeServer":"Universal ACME Server","name":"Universal ACME Account","organizationId":1008,"profileName":"SSL PRIVATE_CA 613330629"}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME accounts existing on Private CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of Universal ACME accounts |
|
|
Universal ACME account entity ID |
|
|
Universal ACME account name |
|
|
Universal ACME account HMAC key |
|
|
Universal ACME account key ID |
|
|
Universal ACME account server name |
|
|
Universal ACME account organization ID |
|
|
Universal ACME account ID |
|
|
Universal ACME account profile name |
Find Private CA’s ACME account by ID
HTTP request
GET /api/acme/v1/pca/account/14 HTTP/1.1
login: nick-15175
password: Password123
customerUri: cst15170
Accept: application/json
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
Universal ACME account entity ID |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account/14' -i -X GET \
-H 'login: nick-15175' \
-H 'password: Password123' \
-H 'customerUri: cst15170' \
-H 'Accept: application/json'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 295
{"id":14,"accountId":"1afacfb6-5d47-47f2-9058-19693a3e72f0","macId":"eyJpZCI6MTQsInR5cGUiOiJQUklWQVRFX0FDTUUifQ==","macKey":"8311b209-fd7a-40e6-ba4b-b7083a4ba487","acmeServer":"Universal ACME Server","name":"Universal ACME Account","organizationId":1006,"profileName":"SSL PRIVATE_CA 876674632"}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Universal ACME account entity ID |
|
|
Universal ACME account name |
|
|
Universal ACME account HMAC key |
|
|
Universal ACME account key ID |
|
|
Universal ACME account server name |
|
|
Universal ACME account organization ID |
|
|
Universal ACME account ID |
|
|
Universal ACME account profile name |
Update Private CA’s ACME account
HTTP request
PUT /api/acme/v1/pca/account/18 HTTP/1.1
Content-Type: application/json
login: nick-15219
password: Password123
customerUri: cst15214
Content-Length: 41
Host: cert-manager.com
{"name":"Universal ACME Account Updated"}Path parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
Universal ACME account entity ID |
Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
name |
String |
Universal ACME account name |
[Must not be blank, Size must be between 1 and 128 inclusive] |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account/18' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'login: nick-15219' \
-H 'password: Password123' \
-H 'customerUri: cst15214' \
-d '{"name":"Universal ACME Account Updated"}'Example response
HTTP/1.1 200 OKDelete Private CA’s ACME account
HTTP request
DELETE /api/acme/v1/pca/account/12 HTTP/1.1
login: nick-15153
password: Password123
customerUri: cst15148
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ID of Universal ACME account that being deleted |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account/12' -i -X DELETE \
-H 'login: nick-15153' \
-H 'password: Password123' \
-H 'customerUri: cst15148'Example response
HTTP/1.1 204 No ContentList Private CA’s ACME account’s clients
HTTP request
GET /api/acme/v1/pca/account/16/client?position=0&size=10&userAgent=acme&ipAddress=10.1&status=valid&status=pending&lastActivityWithinPrevDays=0 HTTP/1.1
login: nick-15197
password: Password123
customerUri: cst15192
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
SCM internal ID of Universal ACME account whose clients are requested. |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
The any substring of Universal ACME account client’s 'userAgent' field to match against |
|
The any substring of Universal ACME account client’s 'ipAddress' field to match against |
|
The status string of Universal ACME account client’s 'status' field to equal |
|
Number of days(from end of the current day to the past) that is used as a filter to get Universal ACME account’s clients whose 'lastActivity' field(date) falls within the specifies time period, so during which Universal ACME account’s client was last active (connected/requested the private CA). |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account/16/client?position=0&size=10&userAgent=acme&ipAddress=10.1&status=valid&status=pending&lastActivityWithinPrevDays=0' -i -X GET \
-H 'login: nick-15197' \
-H 'password: Password123' \
-H 'customerUri: cst15192'Example response
HTTP/1.1 200 OK
X-Total-Count: 2
Content-Type: application/json
Content-Length: 541
[{"id":59,"accountId":"FswPwHxLUh-caoO3AAAAAA==","ipAddress":"10.18.8.143","userAgent":"CertbotACMEClient/1.22.0 (certbot; Ubuntu 18.04.6 LTS) Authenticator/standalone Installer/None (certonly; flags: n) Py/3.6.9","status":"pending","lastActivity":"2023-03-07T20:05:43.465Z","contacts":"email@ccmqa.com"},{"id":58,"accountId":"FmcZgzSqt6TpAtQFAAAAAA==","ipAddress":"10.17.7.152","userAgent":"lego-cli/4.2.0 xenolf-acme/4.2.0 (release; windows; amd64)","status":"valid","lastActivity":"2023-03-07T20:05:43.465Z","contacts":"email@ccmqa.com"}]Response headers
| Name | Description |
|---|---|
|
Total count of filtered ACME account’s clients existing on Private CA side |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Universal ACME account’s clients |
|
|
Internal SCM identifier of Universal ACME account client |
|
|
Universal ACME account client’s accountID. Note this identifier is concerning to the ACME client itself, but not to its parent Universal ACME account. |
|
|
Universal ACME account client’s user agent name |
|
|
IP address of host from where the Universal ACME account’s client was last active |
|
|
Universal ACME account client’s status |
|
|
Date when Universal ACME account’s client was last active |
|
|
Contact(s) concerning of ACME client operations |
Delete Private CA’s ACME account’s client
HTTP request
DELETE /api/acme/v1/pca/account/13/client/52 HTTP/1.1
login: nick-15164
password: Password123
customerUri: cst15159
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
|
ID of Universal ACME account whose client will being deleted |
|
ID of Universal ACME account’s client that being deleted |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/pca/account/13/client/52' -i -X DELETE \
-H 'login: nick-15164' \
-H 'password: Password123' \
-H 'customerUri: cst15159'Example response
HTTP/1.1 204 No ContentACME server resource
List ACME servers
HTTP request
GET /api/acme/v1/server?position=0&size=10&name=OV+ACME+Server&url=https%3A%2Facmeserverfortest-OV&certValidationType=OV&caId=40485 HTTP/1.1
login: nick-130
password: Password123
customerUri: cst129
Host: cert-manager.comPath parameters
| Parameter | Description |
|---|---|
|
API version (v1) |
Request parameters
| Parameter | Description |
|---|---|
|
Position shift |
|
Count of entries |
|
ACME server name |
|
ACME server URL |
|
ACME server validation type. Values: [DV, OV, EV] |
|
ACME server CA ID |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/server?position=0&size=10&name=OV+ACME+Server&url=https%3A%2Facmeserverfortest-OV&certValidationType=OV&caId=40485' -i -X GET \
-H 'login: nick-130' \
-H 'password: Password123' \
-H 'customerUri: cst129'Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 169
[{"url":"https:/acmeserverfortest-OV","caId":40485,"name":"OV ACME Server","singleProductId":66362,"multiProductId":23234,"wcProductId":14608,"certValidationType":"OV"}]Response fields
| Path | Type | Description |
|---|---|---|
|
|
List of ACME servers |
|
|
ACME server name |
|
|
ACME server validation type. Values: [DV, OV, EV] |
|
|
ACME server URL |
|
|
ACME server CA ID |
|
|
ACME server single product ID |
|
|
ACME server multi product ID |
|
|
ACME server WC product ID |
ACME EV details resource
ACME EV details validation
Path parameters
| Parameter | Description |
|---|---|
|
API version |
Example request
$ curl 'https://cert-manager.com/api/acme/v1/evdetails/validation' -i -X POST \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'login: nick-15560' \
-H 'password: Password123' \
-H 'customerUri: cst15559' \
-d '{"orgName":"org4Test","orgCountry":"UA","postOfficeBox":"PostOfficeBox","orgAddress1":"Deribasovskaya 1","orgAddress2":"Street 2","orgAddress3":"Street 3","orgLocality":"Odesa","orgStateOrProvince":"Odeska oblast","orgPostalCode":"65059","orgJoiState":"Odeska oblast","orgJoiCountry":"UA","orgJoiLocality":"Odesa","assumedName":"Name DBA","businessCategory":"PrivateOrganization","dateOfIncorporation":"1970-01-01","companyNumber":"23459823565"}'Request fields
| Path | Type | Description | Constraints |
|---|---|---|---|
orgName |
String |
EV organization name |
[Must not be blank, Size must be between 0 and 128 inclusive] |
orgCountry |
String |
EV organization country |
[Size must be between 2 and 2 inclusive] |
postOfficeBox |
String |
EV organization post office box |
[Size must be between 0 and 40 inclusive] |
orgAddress1 |
String |
EV organization address 1 |
[Size must be between 0 and 128 inclusive] |
orgAddress2 |
String |
EV organization address 2 |
[Size must be between 0 and 128 inclusive] |
orgAddress3 |
String |
EV organization address 3 |
[Size must be between 0 and 128 inclusive] |
orgLocality |
String |
EV organization city |
[Size must be between 0 and 128 inclusive] |
orgStateOrProvince |
String |
EV organization state/province |
[Size must be between 0 and 128 inclusive] |
orgPostalCode |
String |
EV organization postal code |
[Size must be between 0 and 40 inclusive] |
orgJoiState |
String |
EV organization state or province of incorporation |
[Size must be between 0 and 128 inclusive] |
orgJoiCountry |
String |
EV organization country of incorporation |
[Size must be between 2 and 2 inclusive] |
orgJoiLocality |
String |
EV organization jurisdiction of incorporation city or town |
[Size must be between 0 and 128 inclusive] |
assumedName |
String |
EV organization assumed name |
[Size must be between 0 and 128 inclusive] |
businessCategory |
String |
EV organization business category. Values: [PrivateOrganization, GovernmentEntity, BusinessEntity, NonCommercialEntity] |
[] |
dateOfIncorporation |
String |
EV organization date of incorporation |
[Size must be between 8 and 8 inclusive] |
companyNumber |
String |
EV organization registration number |
[Size must be between 0 and 25 inclusive] |
Response body
{"domains":[{"name":"domain.ccmqa.com"},{"name":"sub.domain.ccmqa.com"}]}Response fields
| Path | Type | Description |
|---|---|---|
|
|
ACME account domains |
|
|
ACME account domain name |