View certificate details

4 minute read

POST https://daas.digicert.com/apicontroller/v1/certificate/getCertificateDetails

Get details for a specific certificate. Details include distinguished name information, CA information, validity period, encryption type, and more.

Example requests and responses

curl -X POST \
  https://daas.digicert.com/apicontroller/v1/certificate/getCertificateDetails \
  -H 'Content-Type: application/json' \
  -H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
    "accountId": "126993",
    "certificateId": "fb92ee3a2fd0cb6549e58c252f8787f467bfbeff",
    "divisionId": "69748"
}'

import requests

url = "https://daas.digicert.com/apicontroller/v1/certificate/getCertificateDetails"

payload = "{\n    \"accountId\": \"126993\",\n    \"certificateId\": \"fb92ee3a2fd0cb6549e58c252f8787f467bfbeff\",\n    \"divisionId\": \"69748\"\n}"
headers = {
    'X-DC-DEVKEY': "{{api_key}}",
    'Content-Type': "application/json",
    }

response = requests.request("POST", url, data=payload, headers=headers)

print(response.text)

package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://daas.digicert.com/apicontroller/v1/certificate/getCertificateDetails"

	payload := strings.NewReader("{\n    \"accountId\": \"126993\",\n    \"certificateId\": \"fb92ee3a2fd0cb6549e58c252f8787f467bfbeff\",\n    \"divisionId\": \"69748\"\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

var request = require("request");

var options = { method: 'POST',
  url: 'https://daas.digicert.com/apicontroller/v1/certificate/getCertificateDetails',
  headers: 
   { 'Content-Type': 'application/json',
     'X-DC-DEVKEY': '{{api_key}}' },
  body: 
   { accountId: '126993',
     certificateId: 'fb92ee3a2fd0cb6549e58c252f8787f467bfbeff',
     divisionId: 69748 },
  json: true };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

200 OK

{
    "data": {
        "certId": "fb92ee3a2fd0cb6549e58c252f8787f467bfbeff",
        "serialNum": "2bf1c0d8a20fef721f67011d6231c16e",
        "validFrom": 1523318400000,
        "expiryDate": 1591660799000,
        "subject": "CN=*.aparat.com,OU=EssentialSSL Wildcard,OU=Domain Control Validated",
        "issuedBy": "CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB",
        "cn": "*.aparat.com",
        "ca": "Comodo",
        "lastDiscoveredDate": 1645007394721,
        "firstDiscoveredDate": 1561409074447,
        "keyLength": 2048,
        "algoType": "SHA256withRSA",
        "accountId": "126993",
        "certStatusString": "VALID",
        "owner": null,
        "org": null,
        "orgUnit": "Domain Control Validated",
        "city": null,
        "state": null,
        "country": null,
        "sanCount": 2,
        "publicKeyAlgo": "RSA",
        "san": "*.aparat.com,aparat.com",
        "certRating": "Secure",
        "tags": null,
        "certStatusError": null,
        "certIssues": "512",
        "renewalEmailPreference": true,
        "emailAddresses": "xyz@digicert.com, abc@digicert.com",
        "actions": null,
        "filePath": null,
        "source": "Sensor",
        "serverHost": null,
        "selfSignedCaOptIn": false,
	"systemCert": false
    }
}

Request parameters

Name	Req/Opt	Type	Description
accountId	required	string	Account ID.
divisionIds	optional	array	Division IDs.
certificateId	required	string	Unique DigiCert-generated ID for the certificate found on the endpoint. Get the certificate ID from the List certificates request.

Response parameters

Name	Type	Description
data	object	Container.
.. certId	string	Unique DigiCert-generated ID for the certificate found on the endpoint.
.. serialNum	string	Serial number assigned to the certificate on issuance.
.. validFrom	integer	Validity start date. Format:epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1855828800000`
.. expiryDate	integer	Validity end date. Format:epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1855828800000`
.. subject	string	Full certificate distinguished name.
.. issuedBy	string	Root certificate that the certificate was issued from.
.. cn	string	Common name on the certificate.
.. ca	string	Certificate Authority that issued the certificate.
.. lastDiscoveredDate	integer	Date certificate was last found by CertCentral Discovery scan.
.. firstDiscoveredDate	integer	Date certificate was first found by CertCentral Discovery scan. Format:epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1855828800000`
.. keyLength	string	Encryption key size for the certificate.
.. algoType	string	Encryption algorithm that the certificate uses.
.. accountId	string	Account ID.
.. certStatusString	string	Status of the certificate.
.. owner	string	Owner as defined in CertCentral Discovery.
.. org	string	Organization name on the certificate.
.. orgunit	string	Organization unit on the certificate.
.. city	string	City on the certificate.
.. state	string	State on the certificate.
.. country	string	Country on the certificate.
.. sanCount	string	Number of subject alternative names on the certificate.
.. publicKeyAlgo	string	Encryption algorithm for the certificate’s public key.
.. san	string	Subject alternative names on the certificate.
.. certRating	string	Certificate security rating, based on industry standards and the certificate’s settings.
.. tags	string	Custom tags added by certificate owner, subscriber, or other admin.
.. certStatusError	string	Errors retrieving certificate status.
.. certIssues	string	Chart data for certificate issues.
.. renewalEmailPreference	boolean	Whether renewal email preference is enabled or not.Default: `true`
.. emailAddresses	string	Email address for the contact associated with the certificate.
.. actions	object	Action performed on the certificate.
.. filePath	string	File path of the certificate. Values are comma-separated.
.. source	string	The scan used to identify the certificate. Possible values: `sensor`, `agent` Note:Possible values are`Manual Upload`, `Cloud scan` for server certificates.
.. serverHost	string	The server host associated with the certificate. Values are comma-separated.
.. selfSignedCaOptIn	boolean	Whether email preference enabled for the self-signed certificates.
.. systemCert	boolean	Whether any system certificates are available or not.