This is a series of articles dedicated to demonstrating how to get acquainted with Openprovider SSL API methods. If you want to go the beginning of this guide, please navigate to the article "1 How to choose a product".
To get more information about our API in general, please use our documentation portal as your reference.
1. CSR
2. Approver email address
Please note, one more action is required before submitting a request: you will need to provide a "handle" - this is how Openprovider calls a contact person from your reseller account.
Please refer to this guide if you do not have a handle in your Openprovider account yet.
After a handle has been created, please move on to submitting a request.
- send certificate request to the Certificate Authority (CA) immediately (status of the certificate will be REQ). In this case you will not be able to edit certificate data further (e.g. domain name, contact data, etc.). To choose this variant you should send start_provision = true.
- create certificate only in Openprovider without sending request to the CA immediately (status of the certificate will be PAI). In this case you will be able to update any certificate data (instead of the parameters that correspond to the chosen product). To choose this variant you should send start_provision = false (it is default value). To send request to the CA you will need to use update SSL order request with start_provision = true.
POST {base_url}/ssl/orders/
REQUEST VALUES↓
Name |
Type |
Values |
Description |
---|---|---|---|
product_id | integer | Checklist of products ID available. |
Mandatory parameter. The ID of the product order will be created for. |
period | integer | 1 or 2 |
Mandatory parameter. Period of the certificate lifetime. |
domain_amount | integer |
Optional parameter. The domains amount should be included. Required for the multi-domain certificates. If it is not provided will be set to the included_domains_count (check product description) in case of start_provision = 0 and to the amount of the sent domains in case of start_provision = 1. |
|
csr | string |
Mandatory parameter. Certificate signing request including information regarding the further certificate. Been already generated before. |
|
host_names | array | Array of strings |
Optional parameter. Array of hostnames. This parameter is optional, and only allowed in combination with a multi domain SSL certificate. If passed, the hostnames in this parameter will override any hostnames in the CSR, except for the common name. |
1. domain_validation_methods | array |
Optional parameter. Allows to select a specific method for Domain Validation. Hostnames in the array must be equal to hostnames specified in the request (commonName and SANs from the CSR and hostnames). |
|
1.1 host_name | string | Mandatory parameter. Hostname specified in the request (commonName and SANs from the CSR and hostnames). | |
1.2 method | string | Mandatory parameter. The validation method (e.g. 'https'). Check DCV methods description for more details. | |
approver_email | string | Email address. | Optional parameter. Valid email address (e.g. admin@example.com). |
signature_hash_algorithm | string | sha1 (deprecated) or sha2 (default) | Mandatory parameter. Hashing algorithm of the further certificate. Use sha2 or leave blank as by default. |
software_id | string | linux or windows. | Mandatory parameter. Software used on a host where the certificate will be installed. |
start_provision | boolean | true or false (default). | Optional parameter. If false then request won't be sent to CA (will stay in status PAI and to change it you'll need to use update order sending start_provision = true) and it will be sent to CA in a case of true. |
organization_handle | string | Handle from reseller account. | Mandatory parameter. Contact of the certificate owner person with organization data (e.g. XY123456-ZW). |
technical_handle | string | Handle from reseller account. |
Optional parameter. Contact of certificate technical person |
autorenew | string | "on" or "off" (default) | Indicates if the certificate should be automatically renewed (check renew process description for the details). |
REQUEST EXAMPLE↓
curl -X POST \
https://api.cte.openprovider.eu/v1beta/ssl/orders \
-H 'Authorization: Bearer deb4bf804928981b018caf45c3c4142b' \
-H 'Content-Type: application/json' \
-d '{
"approver_email": "admin@ssl-123-domain.com",
"autorenew": "off",
"csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIIDNzCCAh8CAQAwgaUxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1Ib2xs\n
YW5kMQ8wDQYDVQQHEwZIYWFsZW0xGjAYBgNVBAoTEU9wZW5wcm92aWRlciBCLlYu\nMQswCQYDVQQLEwJJVDEbMBkGA1UEAxMSc3NsLTEyMy1kb21haW4uY29tMScwJQYJ\n
KoZIhvcNAQkBFhhhZG1pbkBzc2wtMTIzLWRvbWFpbi5jb20wggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQD4t7KW7vJ8Zjw9xZMo1iU4ez7pdPPglmSNNRAk\n
iJXzTda9cIYPjwxduUR7A8EsgxFT/jQ99Gmjyq85liSX45z88eT5a7f84alEfCui\nMzZh9DUK6Y8nigATFnjOohJhkEXXay8K0fY7/DXD6dSqJYJkhqULedsvB64ofip0\n
0ab8PlgOkdphcLUxKOGcpt8xWpzgKpMTJJnmRVkI7rkikYAU7BWxtJ5tcg/lEFcl\nruh/WUxeBH6qJMZ5xHZ2Z1EWLjiVGb6Mw+sYBUky4WDX9xefv2wl48dEA3opWR9e\n
vTL/8Omo7xDk3vN4nEOAl9cT8gidVHuA+YOLMczLLrhP8LRPAgMBAAGgTDBKBgkq\nhkiG9w0BCQ4xPTA7MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMCEGA1UdEQQaMBiC\n
Fnd3dy5zc2wtMTIzLWRvbWFpbi5jb20wDQYJKoZIhvcNAQELBQADggEBAJVyt+D8\nBDxcQhuT4kOd8A2u0a+T0PAXX7uJcu1AkJr1gMS6tym118nmjXLilgSsL3IarRq2\n
1taUMoxlyZuXe38IztCBuUxpKiZz6Ltx5yUrQZaFNNOVsHNjXHe5oajVA1f7dmoI\nIa3E/fpeHpoPzbWdTv1bfMHuAfHIRqVuTHG78T4fJh4JFXfyHfVbLUN5wc9D7oPo\n
amGOFSUZoY/HLwfGf1zJMqsF9HEreCVmhWGoIHknzKbIhe7sngzR1We3aafNAUOd\nQ3gov4okpEI8yurKRrGSSo1ZzWqiIew5qEkm6gNGAwVWYgZ0kgadXjJQEBdx6deZ\n
4eJiaV7IwubPS78=\n-----END CERTIFICATE REQUEST-----",
"domain_amount": 1,
"domain_validation_methods": [
{
"host_name": "ssl-123-domain.com",
"method": "dns"
}
],
"organization_handle": "IA900531-NL",
"period": 1,
"product_id": 5,
"signature_hash_algorithm": "sha2",
"software_id": "linux",
"start_provision": false,
"technical_handle": "IA900531-NL"
}'
RESPONSE EXAMPLE↓
{
"code": 0,
"data": {
"id": 1
},
"desc": ""
}
RESPONSE VALUES↓
Name |
Values |
Description |
---|---|---|
code |
numeric value |
API Result with code returned. |
1. data |
SSL Create Order operation response data. | Set of values with data returned. |
1.1 id |
Openprovider order ID. | Openprovider order number assigned to request. |
desc |
Description string (if exist). | Description (if presented). |
maintenance |
True or False. | The maintenance: True or False. |
2. warnings |
An array of warning messages. | An array of boolean and string data returned if maintenance is in progress. |
2.1 code |
integer | Code value (digits). |
2.2 data |
string | Data value returned. |
2.3 desc |
string | The description value returned. |
Once we created our SSL Order in status PAI and we got from the response it's ID that is "1".
Using the next method we will retrieve our order with all data included.
Check "5 Retrieving SSL Orders".
It can be helpful in a case if you want to check your order status and current parameters, such as status, checksum, validation methods, DNS records should be created to approve ownership (in a case of DNS validation), etc.