CZERTAINLY ACME API (2.13.1)
Download OpenAPI specification:Download
ACME API according to the RFC 8555
Interfaces used by ACME clients to request ACME related operations. ACME Profile defines the behaviour for the specific ACME configuration. When the ACME Profile contains default RA Profile, it can be used by the ACME clients to request operations on their specific URL.
Revoke Certificate
path Parameters
| acmeProfileName required | string ACME Profile name |
Request Body schema: application/jose+jsonrequired
Certificate Revocation JWS payload
| certificate required | string Certificate in base64url-encoded version of DER format |
| reason |
Responses
Request samples
- Payload
{- "certificate": "<base64url-encoded version of the DER format>",
- "reason": 1
}Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}List Orders
path Parameters
| acmeProfileName required | string ACME Profile name |
| accountId required | string Account Id |
Request Body schema: application/jose+jsonrequired
List Orders JWS Payload
Responses
Response samples
- 200
- 400
- 401
- 403
[- {
- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}
]Get Order details
path Parameters
| acmeProfileName required | string ACME Profile name |
| orderId required | string Order Id |
Request Body schema: application/jose+jsonrequired
Get Order details payload
Responses
Response samples
- 200
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Finalize Order
path Parameters
| acmeProfileName required | string ACME Profile name |
| orderId required | string Order Id |
Request Body schema: application/jose+jsonrequired
Finalize Order JWS payload
| csr required | string CSR in Base64url-encoded version of the DER format |
Responses
Request samples
- Payload
{- "csr": "<base64url-encoded version of the DER format>"
}Response samples
- 200
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Request new Order
path Parameters
| acmeProfileName required | string ACME Profile name |
Request Body schema: application/jose+jsonrequired
New Order JWS payload
required | Array of objects (Identifier) List of Identifiers for the Order |
| notBefore | string <date-time> Requested value of notBefore field in the certificate |
| notAfter | string <date-time> Requested value of notAfter field in the certificate |
Responses
Request samples
- Payload
{- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z"
}Response samples
- 201
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Create Account
path Parameters
| acmeProfileName required | string ACME Profile name |
Request Body schema: application/jose+jsonrequired
New Account JWS payload
| contact | Array of strings List of contacts for the Account. Required if the required flag is set in ACME Profile |
| termsOfServiceAgreed | boolean Terms of Service agreed flag. true = Yes, false = No. Required if the required flag is set in ACME Profile |
| onlyReturnExisting | boolean Default: false Return existing Account only flag |
Responses
Request samples
- Payload
{- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": false,
- "onlyReturnExisting": false
}Response samples
- 200
- 201
- 400
- 401
- 403
{- "status": "valid",
- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": true,
}Key Rollover
path Parameters
| acmeProfileName required | string ACME Profile name |
Request Body schema: application/jose+jsonrequired
Key Rollover JWS payload
| account required | string Account URL |
| oldKey required | string Old key of the Account |
Responses
Request samples
- Payload
{- "oldKey": "<Account old key content>"
}Response samples
- 200
- 400
- 401
- 403
- 409
{ }Validate Challenge
path Parameters
| acmeProfileName required | string ACME Profile name |
| challengeId required | string Challenge Id |
Request Body schema: application/jose+jsonrequired
Initiate Challenge validation JWS Payload
Responses
Request samples
- Payload
{ }Response samples
- 200
- 400
- 401
- 403
{- "type": "dns-01",
- "status": "pending",
- "validated": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}, - "token": "JGuyIUgkRGFYTER658ykjfYFur76fkFitur7FGHRiytrkfIruFF"
}Download Certificate
path Parameters
| acmeProfileName required | string ACME Profile name |
| certificateId required | string Certificate Id |
Request Body schema: application/jose+jsonrequired
Download Certificate Payload
Responses
Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}Get Authorizations for an Order
path Parameters
| acmeProfileName required | string ACME Profile name |
| authorizationId required | string Authorization Id |
Request Body schema: application/jose+jsonrequired
Get Authorization of Order JWS Payload
Responses
Request samples
- Payload
"string"Response samples
- 200
- 400
- 401
- 403
{- "identifier": {
- "type": "dns",
- "value": "www.some-domain.com"
}, - "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "challenges": [
- {
- "type": "dns-01",
- "status": "pending",
- "validated": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}, - "token": "JGuyIUgkRGFYTER658ykjfYFur76fkFitur7FGHRiytrkfIruFF"
}
], - "wildcard": false
}Update Account
path Parameters
| acmeProfileName required | string ACME Profile name |
| accountId required | string Account ID |
Request Body schema: application/jose+jsonrequired
Account JWS payload
| contact | Array of strings List of contacts for the Account. Required if the required flag is set in ACME Profile |
| termsOfServiceAgreed | boolean Terms of Service agreed flag. true = Yes, false = No. Required if the required flag is set in ACME Profile |
| onlyReturnExisting | boolean Default: false Return existing Account only flag |
Responses
Request samples
- Payload
{- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": false,
- "onlyReturnExisting": false
}Response samples
- 200
- 400
- 401
- 403
{- "status": "valid",
- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": true,
}Interfaces used by ACME clients to request ACME related operations on top of RA Profile. ACME Profile defines the behaviour for the specific ACME configuration. ACME Profile is bound with specific RA Profile and it can be used by the ACME clients to request operations on their specific URL. These operations are always specific only for the RA Profile.
Revoke Certificate
path Parameters
| raProfileName required | string RA Profile name |
Request Body schema: application/jose+jsonrequired
Certificate Revocation JWS payload
| certificate required | string Certificate in base64url-encoded version of DER format |
| reason |
Responses
Request samples
- Payload
{- "certificate": "<base64url-encoded version of the DER format>",
- "reason": 1
}Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}List Orders
path Parameters
| raProfileName required | string RA Profile name |
| accountId required | string Account Id |
Request Body schema: application/jose+jsonrequired
List Orders JWS Payload
Responses
Response samples
- 200
- 400
- 401
- 403
[- {
- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}
]Get Order details
path Parameters
| raProfileName required | string RA Profile name |
| orderId required | string Order Id |
Request Body schema: application/jose+jsonrequired
Get Order details payload
Responses
Response samples
- 200
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Finalize Order
path Parameters
| raProfileName required | string RA Profile name |
| orderId required | string Order Id |
Request Body schema: application/jose+jsonrequired
Finalize Order JWS payload
| csr required | string CSR in Base64url-encoded version of the DER format |
Responses
Request samples
- Payload
{- "csr": "<base64url-encoded version of the DER format>"
}Response samples
- 200
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Request new Order
path Parameters
| raProfileName required | string RA Profile name |
Request Body schema: application/jose+jsonrequired
New Order JWS payload
required | Array of objects (Identifier) List of Identifiers for the Order |
| notBefore | string <date-time> Requested value of notBefore field in the certificate |
| notAfter | string <date-time> Requested value of notAfter field in the certificate |
Responses
Request samples
- Payload
{- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z"
}Response samples
- 201
- 400
- 401
- 403
{- "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "identifiers": [
- {
- "type": "dns",
- "value": "www.some-domain.com"
}
], - "notBefore": "2019-08-24T14:15:22Z",
- "notAfter": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
},
}Create Account
path Parameters
| raProfileName required | string RA Profile name |
Request Body schema: application/jose+jsonrequired
New Account JWS payload
| contact | Array of strings List of contacts for the Account. Required if the required flag is set in ACME Profile |
| termsOfServiceAgreed | boolean Terms of Service agreed flag. true = Yes, false = No. Required if the required flag is set in ACME Profile |
| onlyReturnExisting | boolean Default: false Return existing Account only flag |
Responses
Request samples
- Payload
{- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": false,
- "onlyReturnExisting": false
}Response samples
- 200
- 201
- 400
- 401
- 403
{- "status": "valid",
- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": true,
}Key Rollover
path Parameters
| raProfileName required | string RA Profile name |
Request Body schema: application/jose+jsonrequired
Key Rollover JWS Payload
| account required | string Account URL |
| oldKey required | string Old key of the Account |
Responses
Request samples
- Payload
{- "oldKey": "<Account old key content>"
}Response samples
- 400
- 401
- 403
- 409
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}Validate Challenge
path Parameters
| raProfileName required | string RA Profile name |
| challengeId required | string Challenge Id |
Request Body schema: application/jose+jsonrequired
Initiate Challenge validation JWS Payload
Responses
Request samples
- Payload
{ }Response samples
- 200
- 400
- 401
- 403
{- "type": "dns-01",
- "status": "pending",
- "validated": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}, - "token": "JGuyIUgkRGFYTER658ykjfYFur76fkFitur7FGHRiytrkfIruFF"
}Download Certificate
path Parameters
| raProfileName required | string RA Profile name |
| certificateId required | string Certificate Id |
Request Body schema: application/jose+jsonrequired
Download Certificate Payload
Responses
Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}Get Authorizations for an Order
path Parameters
| raProfileName required | string RA Profile name |
| authorizationId required | string Authorization Id |
Request Body schema: application/jose+jsonrequired
Get Authorization of Order JWS Payload
Responses
Request samples
- Payload
"string"Response samples
- 200
- 400
- 401
- 403
{- "identifier": {
- "type": "dns",
- "value": "www.some-domain.com"
}, - "status": "pending",
- "expires": "2019-08-24T14:15:22Z",
- "challenges": [
- {
- "type": "dns-01",
- "status": "pending",
- "validated": "2019-08-24T14:15:22Z",
- "error": {
- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}, - "token": "JGuyIUgkRGFYTER658ykjfYFur76fkFitur7FGHRiytrkfIruFF"
}
], - "wildcard": false
}Update Account
path Parameters
| raProfileName required | string RA Profile name |
| accountId required | string Account ID |
Request Body schema: application/jose+jsonrequired
Account JWS payload
| contact | Array of strings List of contacts for the Account. Required if the required flag is set in ACME Profile |
| termsOfServiceAgreed | boolean Terms of Service agreed flag. true = Yes, false = No. Required if the required flag is set in ACME Profile |
| onlyReturnExisting | boolean Default: false Return existing Account only flag |
Responses
Request samples
- Payload
{- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": false,
- "onlyReturnExisting": false
}Response samples
- 200
- 400
- 401
- 403
{- "status": "valid",
- "contact": [
- "mailto:someadmin@domain.com"
], - "termsOfServiceAgreed": true,
}Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}Response samples
- 400
- 401
- 403
{- "type": "notFound",
- "title": "Not Found",
- "detail": "Requested object is not found",
- "subproblems": [
- { }
], - "algorithms": "ES256"
}