Document toolboxDocument toolbox

Certificate operations

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Aug 21, 2024
2 min read
[ 1 Overview ] [ 2 Endpoints and methods ]

Overview

Check the list of available endpoints and methods to work with domain certificates using the Provisioning API:

Endpoints and methods

Description

Endpoints and methods

Description

GET /cert/domain/{domainName} see below

List all the certificates in a given domain.

GET /certificate/{type} see below

Download certificates in a given domain.

Endpoints and methods

GET /cert/domain/{domainName}

The Provisioning API allows listing the domain certificates, using the operation above. The result will be provided as a list containing all the certificates assigned to the required domain name.

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

Parameter

Type

Description

domainName required

string

Name of the required domain.

Find below a request example:

https://api-us.devo.com/probio/cert/domain/myDomain

Code

Description

Code

Description

200

Successful response. List of certificates retrieved.

[ { "thumbprint": "dbe971d3f735335f3534f87da77d9a051bf60a31", "type": "client", "certificate": null, "privateKey": "my-cert-key=\r\n", "ca": "ommited-for-brevity=\r\n" } ]

4xx

Bad request.

{ "error": { "code": 4xx, "message": "string" } }

GET /certificate/{type}

Download the available certificates in a given domain.

When downloading certificates, you need to provide domain-level credentials. Multitenant credentials do not contain the specific domain to download and thus cannot be used to download certificates.

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

Parameter

Type

Description

type

string

Type of certificate to be downloaded. Possible values are:

  • pkcs12 - Downloads the .pkcs12 file.

  • tar - Compressed file including the .crt, .ca and .key files.

Legacy path

/certificate (without the /{type}) is a legacy path that remains just to ensure compatibility, but it returns the same response as if calling /certificate/{type} with type pkcs12.

Query string parameters

Query string parameters are added after the path parameters, preceded by a question mark (?) and separated by an ampersand (&)

Parameter

Type

Description

Parameter

Type

Description

name

string

Name of the certificate to be downloaded.

pwd

string

Password of the required certificate.

Depending on the parameters given, the behavior will be different:

  • Name and password provided → The service will look for a certificate matching the given values. A failure response will be sent on errors.

  • Name given, but no password provided → The service will assume the domain API secret as the certificate password. If the certificate exists but has a different password, an error will be returned.

  • No name nor password →  In this case, a certificate named '{domainName}_0' will be used, creating it when not found, and using the domain API secret as the password.

Find below a request example:

Code

Description

Code

Description

200

Successful response. Certificate downloaded.

4xx

Bad request.