Personal tools

From HEXONET Wiki

Jump to: navigation, search
Line 4: Line 4:
  
  
==What are the features of the new SSL API?==
+
== Why use the new SSL API? ==
 +
 
 +
With the new SSL API you can:
 +
* Order SSL certificates without having to provide contact data - given the domain name, we will retrieve the required contact information from the WHOIS
 +
* Order SSL certificates without having to create a CSR first - we take care of this for you
 +
* Order SSL certificates using contact handles - just like in domain commands
 +
* Use advanced validation methods - instead of confirming emails, you can prove that you have control over a domain by a simple DNS or web content modification
  
The new SSL API offers:
 
* SSL certificate orders where no contact data has to be provided - given the domain name, we retrieve the required contact information per WHOIS call
 
* SSL certificate orders where no CSR has to be provided - we can take care of this
 
* SSL certificate orders where the contact data can be provided via contact handles - just like in domain commands
 
* Advanced validation methods - instead of confirming emails, you can prove that you have control over a domain by a simple DNS or web content modification
 
  
 
== How to use the new SSL API? ==
 
== How to use the new SSL API? ==
Line 61: Line 62:
  
 
= Order certificate (API) =
 
= Order certificate (API) =
'''All parameters'''
+
'''All new parameters'''
 
<pre>
 
<pre>
 
[COMMAND]
 
[COMMAND]
 
command = CreateSSLCert
 
command = CreateSSLCert
 
sslcertclass = <CLASS>
 
sslcertclass = <CLASS>
 +
period = <INT>
  
 
ownercontact0 = <CONTACT>
 
ownercontact0 = <CONTACT>
Line 73: Line 75:
 
csrcontact0 = <CONTACT>
 
csrcontact0 = <CONTACT>
  
domain0 = <DOMAIN>
+
domain# = <DOMAIN>
domain1 = <DOMAIN>
+
validation# = EMAIL | DNSZONE | URL
...
+
validationemail# = <EMAIL>
 
+
validation0 = EMAIL | DNSZONE | URL
+
validation1 = EMAIL | DNSZONE | URL
+
...
+
 
+
validationemail0 = <EMAIL>
+
validationemail1 = <EMAIL>
+
...
+
 
+
csr0 = -----BEGIN CERTIFICATE REQUEST-----
+
csr1 = ...
+
...
+
 
+
pem0 = -----BEGIN RSA PRIVATE KEY-----
+
pem1 = ...
+
...
+
  
 +
csr# = <TEXT>
 +
pem# = <TEXT>
 
</pre>
 
</pre>
 
<pre>
 
<pre>
Line 158: Line 146:
 
...
 
...
  
 +
</pre>
 +
<br>
 +
'''Order certificate where you tell us exactly what contact data to put into the CSR'''
 +
<br>
 +
The CSR is created automatically using the contact data provided in csrcontact0.
 +
<pre>
 +
[COMMAND]
 +
command = CreateSSLCert
 +
sslcertclass = <CLASS>
 +
domain0 = <DOMAIN>
 +
ownercontact0=<CONTACT>
 +
admincontact0=<CONTACT>
 +
techcontact0=<CONTACT>
 +
billingcontact0=<CONTACT>
 +
csrcontact0=<CONTACT>
 +
</pre>
 +
<br>
 +
'''Order certificate with plain contact data'''
 +
<br>
 +
This works just like for domains.
 +
<pre>
 +
[COMMAND]
 +
command = CreateSSLCert
 +
sslcertclass = <CLASS>
 +
domain0 = <DOMAIN>
 +
 +
ownercontact0organization = <TEXT> | <NULL>
 +
ownercontact0firstname = <TEXT> | <NULL>
 +
ownercontact0lastname = <TEXT> | <NULL>
 +
ownercontact0street = <TEXT> | <NULL>
 +
ownercontact0city = <TEXT> | <NULL>
 +
ownercontact0state = <TEXT> | <NULL>
 +
ownercontact0zip = <TEXT> | <NULL>
 +
ownercontact0country = <TEXT> | <NULL>
 +
ownercontact0phone = <TEXT> | <NULL>
 +
ownercontact0fax = <TEXT> | <NULL>
 +
ownercontact0email = <TEXT> | <NULL>
 +
ownercontact0title = <TEXT> | <NULL>
 
</pre>
 
</pre>
 
<headertabs/>
 
<headertabs/>

Revision as of 09:53, 8 April 2016

New SSL API

Why use the new SSL API?

With the new SSL API you can:

  • Order SSL certificates without having to provide contact data - given the domain name, we will retrieve the required contact information from the WHOIS
  • Order SSL certificates without having to create a CSR first - we take care of this for you
  • Order SSL certificates using contact handles - just like in domain commands
  • Use advanced validation methods - instead of confirming emails, you can prove that you have control over a domain by a simple DNS or web content modification


How to use the new SSL API?

You can do that right away. Just make use of the new command parameters described below.



SSL certificate
COMODO_ESSENTIALSSL
COMODO_INSTANTSSL
COMODO_INSTANTSSL_PRO
COMODO_PREMIUMSSL
COMODO_PREMIUMSSL_WILDCARD
COMODO_EVSSL
COMODO_UCC
GEOTRUST_QUICKSSLPREMIUM
GEOTRUST_RAPIDSSL
GEOTRUST_RAPIDSSL_WILDCARD
SYMANTEC_SECURESITE
SYMANTEC_SECURESITEPRO
SYMANTEC_SECURESITEEV
SYMANTEC_SECURESITEPROEV
THAWTE_SSL123
THAWTE_SSLWEBSERVER
THAWTE_SSLWEBSERVEREV
THAWTE_SSLWEBSERVER_WILDCARD

All new parameters 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
period = <INT>

ownercontact0 = <CONTACT>
admincontact0 = <CONTACT>
techcontact0 = <CONTACT>
billingcontact0 = <CONTACT>
csrcontact0 = <CONTACT>

domain# = <DOMAIN>
validation# = EMAIL | DNSZONE | URL
validationemail# = <EMAIL>

csr# = <TEXT>
pem# = <TEXT>

[RESPONSE]
CODE=200
DESCRIPTION=Command completed successfully
PROPERTY[SSLCERTID][0]=<SSLCERTID>


Order certificate providing the domain name only
The contact data is retrieved from WHOIS. Private key and CSR are created automatically. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
domain0 = <DOMAIN>


Order certificate with contact handles
The private key and CSR are created automatically. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
domain0 = <DOMAIN>
ownercontact0=<CONTACT>
admincontact0=<CONTACT>
techcontact0=<CONTACT>
billingcontact0=<CONTACT>


Order certificate with your own CSR
The domain is retrieved from the provided CSR. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
ownercontact0=<CONTACT>
admincontact0=<CONTACT>
techcontact0=<CONTACT>
billingcontact0=<CONTACT>
csr0 = -----BEGIN CERTIFICATE REQUEST-----
csr1 = ...
...


Order certificate with your own private key
The CSR is created automatically using the provided private key. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
domain0 = <DOMAIN>
ownercontact0=<CONTACT>
admincontact0=<CONTACT>
techcontact0=<CONTACT>
billingcontact0=<CONTACT>
pem0 = -----BEGIN RSA PRIVATE KEY-----
pem1 = ...
...


Order certificate where you tell us exactly what contact data to put into the CSR
The CSR is created automatically using the contact data provided in csrcontact0. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
domain0 = <DOMAIN>
ownercontact0=<CONTACT>
admincontact0=<CONTACT>
techcontact0=<CONTACT>
billingcontact0=<CONTACT>
csrcontact0=<CONTACT>


Order certificate with plain contact data
This works just like for domains. 

[COMMAND]
command = CreateSSLCert
sslcertclass = <CLASS>
domain0 = <DOMAIN>

ownercontact0organization = <TEXT> | <NULL>
ownercontact0firstname = <TEXT> | <NULL>
ownercontact0lastname = <TEXT> | <NULL>
ownercontact0street = <TEXT> | <NULL>
ownercontact0city = <TEXT> | <NULL>
ownercontact0state = <TEXT> | <NULL>
ownercontact0zip = <TEXT> | <NULL>
ownercontact0country = <TEXT> | <NULL>
ownercontact0phone = <TEXT> | <NULL>
ownercontact0fax = <TEXT> | <NULL>
ownercontact0email = <TEXT> | <NULL>
ownercontact0title = <TEXT> | <NULL>

Retrieved from "https://wiki.hexonet.net/index.php?title=New_SSL_API_Main_Page&oldid=6548"