Link Search Menu Expand Document

Overview

Create a TLS/SSL Certificate in a user’s subscription. You must create a CsrInfo in the user’s subscription before a certificate can be created. In addition, you must create a Challenge for the certificate and complete the Challenge using the HTTP or DNS method before a certificate can be created

Authorization

Include an API Key as a query string parameter in the request URL

Request URL

https://rclapi.azure-api.net/v2/stand-alone/certificate?api-key={api key}

Method

POST

Request Parameters

Name In Required Type Description
api-key query true string The user’s API Key for the subscription

Request Body

Add the CertificateOrder object in the body of the request to validate the Challenge and create the certificate.

You will obtain the CertificateOrder object from the Challenge when you created the Challenge. The CertificateOrder MUST contain an orderUri generated by the Challenge. This URI is used to validate the challenge

You MUST complete the Challenge using the HTTP or DNS method before you can create a Certificate. If you do not complete the Challenge or if the domain ownership validation failed, the certificate creation will also fail.

For a failed Challenge, you will need to create a new Challenge to retry a failed validation. Only Challenges in the ‘pending’ state can be validated

Sample Request

{
    "hostname": "shopeneur.com",
    "domainroot": "shopeneur.com",
    "email": "rayconsultingtechservice@outlook.com",
    "password": "pwd1234",
    "challengeType": "DNS",
    "orderUri": "https://acme-staging-v02.api.letsencrypt.org/acme/order/24445658/427672928"
}

Response

Name Type Description
201 Created Certificate The response body contains the TLS/SSL Certificate and link to the relevant certificate files

Sample Response

201 Created

{
    "id": 233,
    "name": "shopeneur.com",
    "issueDate": "2021-08-31T12:11:51.9405833+00:00",
    "expiryDate": "2021-11-29T12:11:51.9405842+00:00",
    "remoteCreateDate": null,
    "remoteCreate": "",
    "target": "Stand ALone",
    "renewal": "Manual",
    "pemUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F46217",
    "pfxUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F46217",
    "crtUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F46217",
    "cerUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F46217",
    "privateKeyUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F",
    "certificateUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F",
    "intermediateCertificateUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F",
    "fullChainCertificateUri": "https://rclstrgdev.blob.core.windows.net/pem/cert%2F462",
    "pfxpwd": "pwd1234"
}

You can use the various links to download the relevant certificate files. These links will only be valid for a few hours for security reasons.

Definitions

CertificateOrder

CertificateOrder Object

Name Type Required Description
hostname string yes The hostname for the certificate
domainroot string yes *The domain root for the hostname
email string yes Email contact for certificate creator
password string yes Password for the certificate
challengeType string yes The method you will use : “HTTP” or “DNS” to complete the challenge
orderUri string yes The URI used to validate the challenge

Certificate

Certificate Object

Name Type Required Description
id int yes The unique id of the Certificate
name string yes The name (hostname) of the Certificate
issueDate string yes The date the certificate was issued
expiryDate string yes The expiry date of the certificate
remoteCreateDate string yes The date the certificate was installed in a server
remoteCreate string yes The identifier for the server the certificate was installed in
target string yes The classification for the certificate : “Stand ALone”
renewal string yes The renewal type of the certificate : “Manual”
pemUri string yes The link to download the .pem certificate
pfxUri string yes The link to download the .pfx certificate
crtUri string yes The link to download the .crt certificate
cerUri string yes The link to download the .cer certificate
privateKeyUri string yes The link to download the certificate private key
certificateUri string yes The link to download the primary certificate (.crt) file
intermediateCertificateUri string yes The link to download the intermediate certificate (.crt) file
fullChainCertificateUri string yes The link to download the full chain certificate (.crt) file
pfxpwd string yes The password for the .pfx certificate

Error

Name Code Description
Bad Request 400 Error details will be included as a string in the body of the response

Test the API

Note: Authorization in the Header is not supported for this API. Leave the authorization blank when testing. Use the API Key in the url parameter instead.

Test the API in the Developer’s Portal