Get CT logs (order ID)
4 minute read
GET
Use this endpoint to get the CT logs for the domains on a Secure Site Pro certificate using the certificate’s order ID.https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name
Example requests and response
curl -X GET \
'https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'import requests
url = "https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000"
payload = ""
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json"
}
response = requests.request("GET", url, data=payload, headers=headers)
print(response.text)package main
import (
"fmt"
"net/http"
"io/ioutil"
)
func main() {
url := "https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}var request = require("request");
var options = { method: 'GET',
url: 'https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' } };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});200 OK
{
"ct_certificates": [
{
"serial": "3aba0c39ed",
"digicert_issued": false,
"ctlogs": [
{
"logged_on": "2020 Apr 06 | 11:37:33",
"entry_no": 0,
"log_name": "Google 'Xenon2020' log",
"operated_by": "Google",
"log_url": "ct.googleapis.com/logs/xenon2020"
},
{
"logged_on": "2020 Apr 06 | 11:37:33",
"entry_no": 0,
"log_name": "Let's Encrypt 'Oak2020' log",
"operated_by": "Let's Encrypt",
"log_url": "oak.ct.letsencrypt.org/2020"
}
],
"not_after": "05 Jul 2020",
"not_before": "06 Apr 2020",
"subject": "digiqatest.in",
"issuer": "Let's Encrypt Authority X3",
"precert": false,
"hosts": {
"hosts_in_order": [
"digiqatest.in"
],
"hosts_not_in_order": []
},
"issuer_ca": "Let's Encrypt",
"trusted_ica": false,
"key_algorithm": "RSA",
"key_length": 3072,
"self_signed": false,
"signature_algorithm": "RSAwithSHA256",
"cert_type": "dv",
"wildcard": false
}
],
"page": {
"total": 1,
"limit": 1000,
"offset": 0
},
"issuer_ca_list": {
"General": [
"DigiCert",
"Non-DigiCert"
],
"Specific CAs": [
"IdenTrust Services, LLC",
"Let's Encrypt",
"Sectigo"
]
}
}
Filters and URL query parameters
This endpoint supports filters, sorting, and pagination. For general information and examples of the syntax to use when applying filters and sorting results, see Services API - Filters, sorting, and pagination parameters.
Example:
https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000
| Name | Req/Opt | Type | Description |
|---|---|---|---|
filters[{{property_name}}] | optional | string | Filters results by the specified property. Replace {{property_name}} in your request with the property to use for filtering. This endpoint supports filtering by the following properties: |
| sort | optional | string | Sorts results by the value of one or more properties. By default, sorts results in ascending alphabetical order (0-9, A-Z). To sort in descending alphabetical order (9-0, Z-A), prefix the property name with a minus (-). To sort by multiple properties, separate the name of each property with a comma. Sort hierarchy matches the order of properties in this list. This endpoint supports sorting by the following properties: |
| offset | optional | int | Index of the first result to include in the response. Default: |
| 0 | |||
| limit | optional | int | Total number of results to include in the response. Max: |
| 1000 |
Response parameters
| Name | Type | Description |
|---|---|---|
| ct_certificates | array | Details about the certificate. |
| .. serial | string | Serial number assigned to the certificate on issuance. |
| .. ctlogs | array | Details from CT logs. |
| .. .. logged_on | string | Timestamp of when the certificate was logged to CT log. Format: UTC timezone and ISO 8601 date. |
| .. .. entry_no | string | Reference ID of CT log from the CT log server. |
| .. . log_name | string | Name of the CT log server. |
| .. .. operated_by | string | Owner of CT log server. |
| .. .. log_url | string | URL of CT log server. |
| .. digicert_issued | bool | If the certificate was issued by DigiCert. Possible values: |
| .. not_after | string | Timestamp of when certificate validity ends. Format: UTC timezone and ISO 8601 date. |
| .. not_before | string | Timestamp of when certificate validity begins. Format: UTC timezone and ISO 8601 date. |
| .. subject | string | Name secured by the certificate. |
| .. issuer | string | Name of certificate authority that issued the certificate. |
| .. precert | bool | Is the certificate in the CT log a precertificate. Possible values: Only returned if the precert request filter is used. |
| .. issuer_ca | string | Brand name of issuing certificate authority. Only returned if the issuer_ca request filter is used. |
| .. trusted_ica | bool | If the issuing certificate authority (ICA) is DigiCert or is whitelisted. Possible values: |
| .. key_algorithm | string | Type of encryption algorithm (e.g., RSA) |
| .. key_length | string | Number of bits used in the key. |
| .. self_signed | bool | If the certificate is self-signed. Possible values: |
| .. signature_algorithm | string | Signing algorithm used by the certificate. |
| .. cert_type | string | Type of certificate. Possible values: |
| .. wildcard | bool | If the certificate is a wildcard certificate. Possible values: |
| .. hosts | object | List of common name or subject alternative names in the order and not in the order Only returned if the ca_san_search request filter is used. |
| .. .. hosts_in_order | array | Common name or subject alternative names in the certificate order |
| .. .. host_not_in_order | array | Common name or subject alternative names not in the certificate order |
| page | object | Details about results. Modified using URL query strings. |
| .. total | int | Total number of records. |
| .. limit | int | Pagination record limit |
| .. offset | int | Pagination starting point |
| Issuer_ca_list | array | List of issuing certificate authorities (ICAs) |
| .. General | object | DigiCert and Non-DigiCert |
| .. Specified CAs | object | List of other certificate authorities present for the account. |
Was this page helpful?
Provide feedback