Get certificate chain details

3 minute read

POST https://daas.digicert.com/apicontroller/v1/certificate/getCertChainDetails

Get intermediate CA and other certificate chain information associated with a specific certificate.

Example requests and responses

curl -X POST \
  https://daas.digicert.com/apicontroller/v1/certificate/getCertChainDetails \
  -H 'Content-Type: application/json' \
  -H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
    "accountId": "126993",
    "certChainId": "4852981",
    "divisionId": "69748"
}'

import requests

url = "https://daas.digicert.com/apicontroller/v1/certificate/getCertChainDetails"

payload = "{\n    \"accountId\": \"126993\",\n    \"certChainId\": \"4852981\",\n    \"divisionId\": \"69748\"\n}"
headers = {
    'X-DC-DEVKEY': "{{api_key}}",
    'Content-Type': "application/json",
    }

response = requests.request("POST", url, data=payload, headers=headers)

print(response.text)

package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://daas.digicert.com/apicontroller/v1/certificate/getCertChainDetails"

	payload := strings.NewReader("{\n    \"accountId\": \"126993\",\n    \"certChainId\": \"4852981\",\n    \"divisionId\": \"69748\"\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

var request = require("request");

var options = { method: 'POST',
  url: 'https://daas.digicert.com/apicontroller/v1/certificate/getCertChainDetails',
  headers: 
   { 'Content-Type': 'application/json',
     'X-DC-DEVKEY': '{{api_key}}' },
  body: 
   { accountId: '126993',
     certChainId: '4852981',
     divisionId: 69748 },
  json: true };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

200 OK

{
    "data": {
        "certChainDetailsList": [
            {
                "certDetailsList": [
                    {
                        "status": "Valid",
                        "expirationDate": 2145916799000,
                        "keyAlgorithm": "RSA2048",
                        "algorithmType": "SHA256withRSA",
                        "issueDate": 1251763200000,
                        "issuerDN": "CN=DigiCert Root Certificate Authority - G2, O=\"DigiCert Inc.\", L=Citytown, ST=Arizona, C=US",
                        "subject": "CN=DigiCert Root Certificate Authority - G2,O=DigiCert \\, Inc.,L=Citytown,ST=Arizona,C=US(root)",
                        "errors": null
                    },
                    {
                        "status": "Valid",
                        "expirationDate": 1935558000000,
                        "keyAlgorithm": "RSA2048",
                        "algorithmType": "SHA256withRSA",
                        "issueDate": 1304406000000,
                        "issuerDN": "CN=DigiCert Root Certificate Authority - G2, O=\"DigiCert Inc.\", L=Citytown, ST=Arizona, C=US",
                        "subject": "CN=DigiCert Secure Certificate Authority - G2,OU=http://certs.digi.com/repository/,O=DigiCert\\, Inc.,L=CitytownST=Arizona,C=US(intermediate)",
                        "errors": null
                    },
                    {
                        "status": "Valid",
                        "expirationDate": 1575457523000,
                        "keyAlgorithm": "RSA2048",
                        "algorithmType": "SHA256withRSA",
                        "issueDate": 1503317044000,
                        "issuerDN": "CN=DigiCert Secure Certificate Authority - G2, OU=http://certs.digi.com/repository/, O=\"DigiCert Inc.\", L=CitytownST=Arizona, C=US",
                        "subject": "CN=*.flipkart.com,OU=Domain Control Validated(end-entity)",
                        "errors": null
                    }
                ],
                "overallStatus": "Primary Chain (Valid)",
                "isAdditionalCertChain": null,
                "isValidChain": true
            }
        ]
    }
}

Request parameters

Name	Req/Opt	Type	Description
accountId	required	string	Account ID.
divisionIds	optional	array	Division IDs.
certChainId	required	string	Certificate chain ID. Get the certificate chain ID from the [View endpoint rating](/certcentral-apis/discovery-api/certificates/view-endpoint-rating.html) request.

Response parameters

Name	Type	Description
data	object	Container.
.. certChainDetailsList	array	Certificate chain details container.
.. .. certDetailsList	array	Certificate chain details container.
.. .. .. status	string	Status.
.. .. .. expirationDate	integer	Expiration date. Format:epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1855828800000`
.. .. .. keyAlgorithm	string	Encryption algorithm.
.. .. .. algorithmType	string	SHA type.
.. .. .. issueDate	integer	Issuing date. Format:epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1855828800000`
.. .. .. issuerDN	string	Issuer name.
.. .. .. subject	string	Certificate subject.
.. .. .. errors	array	Error messages.
.. .. overallStatus	string	Overall status.
.. .. isAdditionalCertChain	bool	Whether a certificate other than the expected certificate chain is discovered.
.. .. isValidChain	bool	Whether chain is valid.