Reselling SSL certificates

 

This article contains API requests that allow you to work with certificates at https://api-eu.ispmanager.com

SSL certificate ID's

Available actions:

  1. Order SSL-certificate
  2. Order SSL certificate with an existing CSR
  3. Issue an existing certificate
  4. Reissue certificate
  5. Delete certificate
  6. Get a list of countries with digital codes
  7. Receive data to confirm SSL certificate
  8. Re-request for DNS validation
  9. Re-request for email validation

API address of ispmanager billing system: https://api-eu.ispmanager.com.

Authorization in the system is performed using the parameter authinfo, which takes the value authinfo=EMAIL:PASSWORD, where:

To order certificates for multiple domains, you must pass additional domains written with a space in the altname and altname_input parameters.

Examples of ordering a secret key and SSL certificate for multiple domains. The remaining queries are generated in the same way as the examples.

For GET requests use "%20" instead of a space to correctly process the request; for POST-requests the space is kept.

Order SSL certificate

Ordering SSL-certificate consists of 2 steps:

  1. Get the secret key or Get the secret key for multiple domains.
  2. Order SSL certificate or Order an SSL certificate for multiple domains.

Get the secret key

To get the secret key, send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&sok=ok&snext=ok&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL

The order is made using the certificate.order.csr function, which has the parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • field_country – country code (182 - Russia);
  • period – period in months (12 or 24);
  • pricelist – tariff plan ID (see Table of certificate ID's );
  • CN – domain;
  • ST – region;
  • L – city;
  • O – organization;
  • OU – department (optional);
  • emailAddress – e-mail (optional).

If the response is successful, the model.csr and model.key fields will contain the request and the key, which must be saved for future use.

Get the secret key for multiple domains

To get the secret key for multiple domains, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&sok=ok&snext=ok&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&altname_input=example1.com%20example2.com&altname=example1.com%20example2.com

Order SSL certificate

To order an SSL certificate, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&approver_email_1=EMAIL&csr=CSR&key=KEY

The order is executed using the certificate.order.param function, which contains the following parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • skipbasket – when passing the value on, adding to cart will be skipped, and the payment will be immediately debited from the personal account;
  • field_country – country code (182 - Russia);
  • period – period in months(12 или 24);
  • pricelist – tariff plan ID (see Table of certificate ID's);
  • CN – domain;
  • ST – region;
  • L – city;
  • O – organization;
  • OU – department (optional);
  • emailAddress – e-mail (optional);
  • adm_fname – the administrative contact name;
  • adm_lname – the administrative contact last name;
  • adm_jtitle – the administrative contact position;
  • adm_email – the administrative contact e-mail;
  • adm_phone – the administrative contact phone number;
  • tech_fname – the technical contact name;
  • tech_lname – the technical contact last name;
  • tech_jtitle – the technical contact position;
  • tech_email – the technical contact e-mail;
  • tech_phone – the technical contact phone number;
  • approver_email_1 – the email address for certificate confirmation; this e-mail must be one of the following, where DOMAIN - the domain, sent in the CN parameter:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN;
  • csr - the csr key received when getting a secret key;
  • key - the key received when getting a secret key.

Order SSL certificate for multiple domains

To order an SSL certificate for multiple domains, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&csr=CSR&key=KEY&altname_input=example1.com%20example2.com&altname=example1.com%20example2.com&approver_email_1=EMAIL&approver_email_2=EMAIL2&approver_email_3=EMAIL3&addon_55364=2

If the domain is verified by email, you need to pass the parameters approver_email_n with the value of email for verification, where n is the order of domains (1 is the main one, and 2, 3, etc. are the additional ones).

So, it is necessary to additionally pass approver_email_2 and approver_email_3 The rules for them are the same as for approver_email_1, but the domain must match the domain from the alt name parameter. For example, in the request above approver_email_2 could be admin@example1.com, administrator@example1.com, etc.

Also, in the addon_{SSL code} parameter, you must pass the number of domains that were recorded as additional.

In the example request above – addon_55364=2. where:
  • 55364 – means ordering a multi-domain certificate from GlobalSign DomainSSL;
  • 2 –2 additional domains in the certificate.

Order SSL certificate with an existing CSR

To order an SSL certificate, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=manual&period=12&pricelist=PRICELIST&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&approver_email_1=EMAIL&csr=CSR

The order is executed using the certificate.order.param function, which contains the following parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • skipbasket – when passing the value on, adding to cart will be skipped, and the payment will be immediately debited from the personal account;
  • period – period in months (12 or 24);
  • pricelist – tariff plan (see Table of certificate ID's);
  • adm_fname – the administrative contact name;
  • adm_lname – the administrative contact last name;
  • adm_jtitle – the administrative contact position;
  • adm_email – the administrative contact e-mail;
  • adm_phone – the administrative contact phone number;
  • tech_fname – the technical contact name;
  • tech_lname – the technical contact last name;
  • tech_jtitle – the technical contact position;
  • tech_email – the technical contact e-mail;
  • tech_phone – the technical contact phone number;
  • approver_email_1 –the email address for certificate confirmation; this e-mail must be one of the following, where DOMAIN - the domain, sent in the CN parameter:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN;
  • csr - csr key.

Issue of an existing certificate

The existing SSL certificate issue is performed with the certificate.file function. ORDER_ID is the certificate ID.

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&func=certificate.file&elid=ORDER_ID&type=crt

Reissue certificate

The SSL certificate reissue is performed with the certificate.reissue function. The elid parameter defines the certificate to be reissued

To reissue an SSL certificate, you need to send a request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={ID сертификата}&crt_type=oldrequest&approver_method=auth_email&sok=ok&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation

To reissue an SSL certificate with a new CSR, you need to send a request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={certificate ID}&crt_type=manual&approver_method=auth_email&sok=ok&csr={urlencoded CSR}&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation

To reissue an SSL certificate indicating new domains, you need to send a request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={certificate ID}&crt_type=altname&approver_method=auth_email&sok=ok&altname={urlencoded list of additional domains with a space}&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation

Delete certificate

The certificate is deleted using the certificate.delete. function. The elid parameter specifies the certificate to be deleted.

To delete an SSL certificate, you need to send the following request:

https://api.ispmanager.com/manager/billmgr?authinfo=USER:PASSWD&out=xml&func=certificate.delete&elid=<license code>&sok=ok

Get the list of countries with digital codes

It is possible to find out the current list of countries with their corresponding identifiers using the certificate.order.csr. function.

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&period=12&pricelist=PRICELIST

A successful response will contain:

  • k – country ID;
  • v – country name.

Get data for SSL certificate validation

To get data for SSL certificate validation, you need to send the following request, where ORDER_ID – is the certificate ID:

https://api-eu.ispmanager.com/billmgr?func=certificate.edit&elid=ORDER_ID&out=text

Data for DNS TXT

The value will be specified in the auth_dnstxt_value parameter in the response to the request specified above.

Data for File

There are two possible ways:

  • in the response received to the query above, find the file name in the auth_file_name parameter, and the file content in the auth_file_value parameter
  • to get a file with the corresponding records by executing a request, where ORDER_ID is the ID of the certificate:
https://api-eu.ispmanager.com/billmgr?func=certificate.file&elid=ORDER_ID&type=auth_file

Data for CNAME

In the above query response, find the name in theauth_cname_name parameter and the value in the auth_cname_value parameter.

Re-request for DNS validation

To get the data, send a request where ORDER_ID is the certificate identifier:

https://api-eu.ispmanager.com/billmgr?domains=DOMAIN&func=certificate.dns_verify&sok=ok&elid=ORDER_ID

Re-request for email validation

To get the data, send the following request:

https://api-eu.ispmanager.com/billmgr?func=certificate.domain_validation_email&sok=ok&elid=ORDER_ID&approver_email_1=EMAIL

Where:

  • ORDER_ID – certificate ID;
  • EMAIL – email address to confirm the certificate; this address must be one of the following:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN.