Global Certificate Management

# Create a Global Certificate

# Description

Create a Global Certificate

# URI

POST /admin-api/global/1/certs

# URI Parameters

• label:

  type: string

  required: no

  description: label for the certificate

• server_cert

  type: string

  required: no (when attempting to manually upload a certificate, it’s required)

  description: end-entity certificate in pem format

• priv_key

  type: string

  required: no (when attempting to manually upload a certificate, it’s required)

  description: private key in pem format

• cert_chain:

  type: string

  required: no

  description: certificate chain, usually no need to upload

• client_verify

  type: boolean

  required: no

  description: Whether the certificate is used for client certificate validation, the default value is false.

• ca_cert

  type: string

  required: no (when attempting to enable client_verify, it’s required)

  description: the field is required when using client certificate verification. The client certificate is signed using this ca

• acme_host

  type: string

  required: no (when attempting to issue certificate via ACME, it’s required)

  description: signing a certificate using acme, only wildcard domain name can be signed here.

• acme_providers

  type: integer

  required: no

  description: use the certificate issuer that supports ACME as defined in the global configuration. If not specified, Let’s Encrypt will be used

• acme_csr_type

  type: string

  required: no

  description: specify the encryption algorithm for the ACME issued certificate, which current support ‘rsa’ and ’ec’. The default value is ‘rsa’.

• acme_use_uploaded_key

  type: boolean

  required: no

  description: whether to use manual uploaded private key for the ACME issued certificate.

• acme_takeover

  type: boolean

  required: no

  description: whether the specified domains of the uploaded certificate is updated by the specified ACME provider. (the default value is false)

# Example Request

# Shell

curl -X POST \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/certs \
  -d '{"acme_host":"*.example.com"}'

# Example Response

Status: 200 OK

{
  "data": {"id": 1},
  "status": 0
}

# Get the global certificate list

# Description

Get the global certificate list

# URI

GET /admin-api/global/1/certs

# Example Request

# Shell

curl \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/certs

# Example Response

Status: 200 OK

{
  "data": [
    {
      "client_verify": false,
      "id": 1,
      "server_cert": "-----BEGIN CERTIFICATE----- xxxx",
      "acme_host": "*.example.com",
      "expdate": 123456789
    }
  ],
  "status": 0
}

# Update the Global certificate

# Description

Update the Global certificate

# URI

PUT /admin-api/global/1/certs/{cert_id}

# Example Request

# Shell

curl -X PUT \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/certs/1 \
  -d '{"acme_host": "*.test.com"}'

# Example Response

Status: 200 OK

{"status":0}

# Delete the certificate from global

# Description

Delete the certificate from global

# URI

DELETE /admin-api/global/1/certs/{cert_id}

# Example Request

# Shell

curl -X DELETE \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/certs/1 \

# Example Response

Status: 200 OK

{ "status": 0 }

# Create ACME Provider

# Description

Create ACME Provider

# URI

POST /admin-api/global/1/acme_providers

# URI Parameters

• name

  type: string

  required: yes

  description: name of ACME Provider

• endpoint

  type: string

  required: yes

  description: endpoint(URI) of ACME Provider

• eab_kid

  type: string

  required: yes

  description: EAB_KEY_ID field of ACME Provider

• eab_hmac_key

  type: string

  required: yes

  description: EAB_HMAC_KEY field of ACME Provider

• email

  type: string

  required: no

  description: email address

# Example Request

# Shell

curl -X POST \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/acme_providers \
  -d '{"name":"ZeroSSL","endpoint": "https://acme.zerossl.com/v2/DV90","eab_kid":"EAB_KEY_ID","eab_hmac_key":"EAB_HMAC_KEY"}'

# Example Response

Status: 200 OK

{
  "data": {"id": 1},
  "status": 0
}

# Get the ACME Provider list

# Description

Get the ACME Provider list

# URI

GET /admin-api/global/1/acme_providers

# Example Request

# Shell

curl \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/acme_providers

# Example Response

Status: 200 OK

{
  "data": [
    {
      "id": 1,
      "name": "ZeroSSL",
      "endpoint": "https://acme.zerossl.com/v2/DV90",
      "eab_kid": "EAB_KEY_ID",
      "eab_hmac_key": "EAB_HMAC_KEY"
    }
  ],
  "status": 0
}

# Update the ACME Provider

# Description

Update the ACME Provider

# URI

PUT /admin-api/global/1/acme_providers/{provider_id}

# Example Request

# Shell

curl -X PUT \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/acme_providers/1 \
  -d '{"eab_kid":"EAB_KEY_ID_2"}'

# Example Response

Status: 200 OK

{"status":0}

# Delete the ACME Provider

# Description

Delete the ACME Provider

# URI

DELETE /admin-api/global/1/acme_providers/{provider_id}

# Example Request

# Shell

curl -X DELETE \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  https://{admin-site}/admin-api/global/1/acme_providers/1 \

# Example Response

Status: 200 OK

{"status": 0}