Global Certificate Management
Create a Global Certificate
Description
Create a Global Certificate
URI
POST /admin-api/global/1/certs
URI Parameters
label:
type: string
required: no
description: label for the certificate
server_cert
type: string
required: no (when attempting to manually upload a certificate, it’s required)
description: end-entity certificate in pem format
priv_key
type: string
required: no (when attempting to manually upload a certificate, it’s required)
description: private key in pem format
cert_chain:
type: string
required: no
description: certificate chain, usually no need to upload
client_verify
type: boolean
required: no
description: Whether the certificate is used for client certificate validation, the default value is
false
.ca_cert
type: string
required: no (when attempting to enable client_verify, it’s required)
description: the field is required when using client certificate verification. The client certificate is signed using this ca
acme_host
type: string
required: no (when attempting to issue certificate via ACME, it’s required)
description: signing a certificate using acme, only wildcard domain name can be signed here.
acme_providers
type: integer
required: no
description: use the certificate issuer that supports ACME as defined in the global configuration. If not specified, Let’s Encrypt will be used
acme_csr_type
type: string
required: no
description: specify the encryption algorithm for the ACME issued certificate, which current support ‘rsa’ and ’ec’. The default value is ‘rsa’.
acme_use_uploaded_key
type: boolean
required: no
description: whether to use manual uploaded private key for the ACME issued certificate.
acme_takeover
type: boolean
required: no
description: whether the specified domains of the uploaded certificate is updated by the specified ACME provider. (the default value is false)
Example Request
Shell
curl -X POST \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/certs \
-d '{"acme_host":"*.example.com"}'
Example Response
Status: 200 OK
{
"data": {"id": 1},
"status": 0
}
Get the global certificate list
Description
Get the global certificate list
URI
GET /admin-api/global/1/certs
Example Request
Shell
curl \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/certs
Example Response
Status: 200 OK
{
"data": [
{
"client_verify": false,
"id": 1,
"server_cert": "-----BEGIN CERTIFICATE----- xxxx",
"acme_host": "*.example.com",
"expdate": 123456789
}
],
"status": 0
}
Update the Global certificate
Description
Update the Global certificate
URI
PUT /admin-api/global/1/certs/{cert_id}
Example Request
Shell
curl -X PUT \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/certs/1 \
-d '{"acme_host": "*.test.com"}'
Example Response
Status: 200 OK
{"status":0}
Delete the certificate from global
Description
Delete the certificate from global
URI
DELETE /admin-api/global/1/certs/{cert_id}
Example Request
Shell
curl -X DELETE \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/certs/1 \
Example Response
Status: 200 OK
{ "status": 0 }
Create ACME Provider
Description
Create ACME Provider
URI
POST /admin-api/global/1/acme_providers
URI Parameters
name
type: string
required: yes
description: name of ACME Provider
endpoint
type: string
required: yes
description: endpoint(URI) of ACME Provider
eab_kid
type: string
required: yes
description: EAB_KEY_ID field of ACME Provider
eab_hmac_key
type: string
required: yes
description: EAB_HMAC_KEY field of ACME Provider
email
type: string
required: no
description: email address
Example Request
Shell
curl -X POST \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/acme_providers \
-d '{"name":"ZeroSSL","endpoint": "https://acme.zerossl.com/v2/DV90","eab_kid":"EAB_KEY_ID","eab_hmac_key":"EAB_HMAC_KEY"}'
Example Response
Status: 200 OK
{
"data": {"id": 1},
"status": 0
}
Get the ACME Provider list
Description
Get the ACME Provider list
URI
GET /admin-api/global/1/acme_providers
Example Request
Shell
curl \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/acme_providers
Example Response
Status: 200 OK
{
"data": [
{
"id": 1,
"name": "ZeroSSL",
"endpoint": "https://acme.zerossl.com/v2/DV90",
"eab_kid": "EAB_KEY_ID",
"eab_hmac_key": "EAB_HMAC_KEY"
}
],
"status": 0
}
Update the ACME Provider
Description
Update the ACME Provider
URI
PUT /admin-api/global/1/acme_providers/{provider_id}
Example Request
Shell
curl -X PUT \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/acme_providers/1 \
-d '{"eab_kid":"EAB_KEY_ID_2"}'
Example Response
Status: 200 OK
{"status":0}
Delete the ACME Provider
Description
Delete the ACME Provider
URI
DELETE /admin-api/global/1/acme_providers/{provider_id}
Example Request
Shell
curl -X DELETE \
-H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
https://{admin-site}/admin-api/global/1/acme_providers/1 \
Example Response
Status: 200 OK
{"status": 0}