Use this endpoint to get a list of all the codesigning certificates available after you run a Discovery scan.
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/certificates/codesigning/list' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw
'{
"accountId": 5153184,
"searchCriteriaList": [{
"key": "status",
"operation": "EQUALS",
"value": ["EXPIRED"]
}],
"divisionIds": [],
"startIndex": 1,
"pageSize": 50,
"filterSelected": "thumbprint",
"sortedColumnId": "thumbprint",
"sortOrder": "ASC"
}'{
"error": null,
"data": {
"totalCount": 113,
"currentCount": 50,
"certificates": [{
"thumbprint": "0180ed75d6615415e4d6c6c217613b4134f5745e",
"serialNumber": "0f8ce162b26b70ae59d17a0b2a93ab3a",
"filePath": "C:\\Program Files\\DigiCert\\DigiCert sensor\\jre\\bin\\fontmanager.dll",
"signingTime": 0,
"validFrom": 1504483200000,
"expiryDate": 1599566400000,
"org": "London Jamocha Community CIC",
"cn": null,
"orgUnit": null,
"city": null,
"state": null,
"country": null,
"ca": "DigiCert",
"subject": "CN=London Jamocha Community CIC,O=London Jamocha Community CIC,L=London,C=GB",
"issuer": "CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"firstDiscoveredDate": 1650256209720,
"lastDiscoveredDate": null,
"keyAlgo": "RSA",
"keyLength": 2048,
"sigAlgo": "SHA256withRSA",
"certStatus": "EXPIRED",
"certStatusError": "",
"tags": "",
"renewalEmailPreference": true,
"emailAddresses": "",
"source": "Agent",
"serverHost": "win97",
"binaryFilePath": null
}, {
"thumbprint": "62009aaabdae749fd47d19150958329bf6ff4b34",
"serialNumber": "33000001519e8d8f4071a30e41000000000151",
"filePath": "C:\\Program Files\\Java\\jre1.8.0_271\\bin\\plugin2\\vcruntime140.dll",
"signingTime": 0,
"validFrom": 1556833066000,
"expiryDate": 1588455466000,
"org": "Microsoft Corporation",
"cn": null,
"orgUnit": null,
"city": null,
"state": null,
"country": null,
"ca": "",
"subject": "CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US",
"issuer": "CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US",
"firstDiscoveredDate": 1650259894018,
"lastDiscoveredDate": null,
"keyAlgo": "RSA",
"keyLength": 2048,
"sigAlgo": "SHA256withRSA",
"certStatus": "EXPIRED",
"certStatusError": "",
"tags": "",
"renewalEmailPreference": true,
"emailAddresses": "",
"source": "Agent",
"serverHost": "win97",
"binaryFilePath": null
}]
}
}| Name | Req/Opt | Type | Description |
|---|---|---|---|
| accountId | required | string | Account ID. |
| searchCriteriaList | optional | array |
Filter results by specified values. The array includes key, operation and value. For definitions, see the Filter options for searchCriteriaList table below.Example: searchCriteriaList:[{"key":"status","operation":"EQUALS","value":["EXPIRED"]}]
|
| divisionIds | required | array | User's division IDs. |
| startIndex | optional | integer |
Index of the first result. Default: 1
|
| pageSize | optional | integer |
Number of records per page. Allowed values: 0 to 512Default: 50
|
| filterSelected | required | string |
The value to show in the results for each codesigning certificate that meets the search criteria. Default: thumbprintAllowed values: thumbprint, username, ipAddress, divisionName, ipCountry.
|
| sortedColumnId | optional | string |
Sort results by specified parameter. Default: thumbprint
|
| sortOrder | optional | string |
Sort direction. Allowed values: DESC (descending: 9-0, Z-A), ASC (ascending: 0-9, A-Z)Default: DESC
|
| Name | Type | Description |
|---|---|---|
| error | object | Includes error codes, if any. |
| data | object | Object with information about the filter results. |
| ..totalCount | integer | Total number of certificates based on the filter criteria. |
| .. currentCount | integer | Number of records on current page. |
| .. certificates | array | Container for codesigning certificate details. |
| .. .. thumbprint | string | Thumbprint details associated with the certificate. |
| .. .. serialNumber | string | Serial number assigned to the certificate on issuance. |
| .. .. filePath | string | The file path from where the certificate is discovered. |
| .. .. signingTime | integer | Time when the certificate was signed. |
| .. .. validFrom | string |
Validity start date. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000
|
| .. .. expiryDate | integer |
Validity end date. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000
|
| .. .. org | string | Organization name on the certificate. |
| .. .. cn | string | Common name on the certificate. |
| .. .. orgunit | string | Organization unit on the certificate. |
| .. .. city | string | City on the certificate. |
| .. .. state | string | State on the certificate. |
| .. .. country | string | Country on the certificate. |
| .. .. ca | string | Certificate Authority that issued the certificate. |
| .. .. subject | string | Full certificate distinguished name. |
| .. .. issuer | string | Root certificate that the certificate was issued from. |
| .. .. firstDiscoveredDate | integer |
Date certificate was first found by CertCentral Discovery scan. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1855828800000
|
| .. .. lastDiscoveredDate | integer | Date certificate was last found by CertCentral Discovery scan. |
| .. .. keyAlgo | string | Encryption algorithm for the certificate's key. |
| .. .. keyLength | integer | Encryption key size for the certificate. |
| .. .. sigAlgo | string | Signing algorithm used. |
| .. .. certStatus | string |
Status of the certificate.
|
| .. .. certStatusError | string | Errors retrieving certificate status. |
| .. .. tags | string | Custom tags added by certificate owner, subscriber, or other admin. |
| .. .. renewalEmailPreference | boolean |
Whether renewal email preference is enabled or not. Default: true
|
| .. .. emailAddresses | string | Email address for the contact associated with the certificate. |
| .. .. source | string |
The scan used to identify the certificate. Possible values: sensor, agent.Note: Possible values are Manual Upload or Cloud scan for server certificates.
|
| .. .. serverHost | string |
The server host associated with the certificate. Values are comma-separated. |
| .. .. binaryFilePath | string |
Binary file path to the certificate. Values are comma-separated. |
The array includes key, operation and value.
| Key | Operation | Value |
|---|---|---|
scanName
|
EQUALS |
Name of the scan
|
status
|
EQUALS |
Status of the scan
|
org
|
EQUALS |
Organization name
|
serialNumber
|
EQUALS |
Certificate serial number
|
ca
|
EQUALS |
Certificate authority
|
source
|
EQUALS |
Source used for the scan
|
serverHost
|
EQUALS |
Server host associated with the certificate
|
filePath
|
EQUALS |
File path from where the certificate is discovered
|
thumbprint
|
EQUALS |
Certificate thumbprint
|