Skip to main content

View endpoint rating

POST https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating

Get the overall server security rating and and known risks and issues for an IP address found through CertCentral Discovery scans. This endpoint request allows an end user to drill into or cross-link to the security rating and all relevant elements that determine the overall rating.

Example requests and responses

Example 1. cURL
curl -X POST \
  https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating \
  -H 'Content-Type: application/json' \
  -H 'X-DC-DEVKEY: {{api_key}}' \
  -d '{
    "ip": "digicert.com",
    "port": "443",
    "accountId": "126993",
    "divisionIds": [],
    "scanId": "",
    "source": null,
    "serverId": "{{SERVER_ID}}"
}'

Example 2. Python
import requests

url = "https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating"

payload = "{\n    \"ip\": \"digicert.com\",\n    \"port\": \"443\",\n    \"accountId\": \"126993\",\n    \"divisionIds\": [],\n    \"scanId\": \"\",\n    \"source\": null,\n    \"serverId\": \"{{SERVER_ID}}\"\n}"
headers = {
    'X-DC-DEVKEY': "{{api_key}}",
    'Content-Type': "application/json",
    }

response = requests.request("POST", url, data=payload, headers=headers)

print(response.text)

Example 3. Go
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating"

	payload := strings.NewReader("{\n    \"ip\": \"digicert.com\",\n    \"port\": \"443\",\n    \"accountId\": \"\"126993\"\",\n    \"divisionIds\": [],\n    \"scanId\": \"\",\n    \"source\": null,\n    \"serverId\": \"{{SERVER_ID}}\"\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Example 4. NodeJS
var request = require("request");

var options = { method: 'POST',
  url: 'https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating',
  headers: 
   { 'Content-Type': 'application/json',
     'X-DC-DEVKEY': '{{api_key}}' },
  body: '{"ip":digicert.com,"port":443,"accountId":"126993","divisionIds":[],"scanId":,"source":null,"serverId":{{SERVER_ID}}}' };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Request parameters

Name

Req/Opt

Type

Description

ip

required

string

IP address for the endpoint you want to get the rating for.

port

required

string

Port for the endpoint you want to get the rating for.

accountId

required

string

Account ID.

divisionIds

optional

array

Division IDs.

scanId

optional

string

Unique ID for the CertCentral Discovery scan that scanned and retrieved details for the endpoint.

Required when scanName filter is applied on an endpoint view or user is navigating to a certificate view from scan details.

source

optional

string

Scan name user is redirected from.

serverId

required

string

Server ID that uniquely identifies the record from list endpoint.

Response parameters

Name

Type

Description

data

object

Container.

.. categories

array

Container for assessment criteria that determines security rating.

.. .. name

string

Name of assessment category.

.. .. criteria

array

Container for details that determine security rating.

.. .. .. name

string

Assessment criteria.

.. .. .. value

string

Criteria value.

.. .. .. issues

bool

Whether known issues exist for this criteria.

.. .. .. colorCode

string

Warning level.

Possible values: 1=At risk (high), 2=Warning (medium), null.

.. .. .. message

string

Summary.

.. .. .. data

array

Container for subcategories.

.. .. .. .. name

string

Assessment criteria.

.. .. .. .. value

string

Criteria value.

.. .. .. .. issues

bool

Whether known issues exist for this criteria.

.. .. .. .. colorCode

string

Warning level.

Possible values: 1=At risk (high), 2=Warning (medium), null.

.. .. .. suggestion

string

Details and/or solution.

.. .. .. kbLink

string

Link to additional information.

.. rating

string

Server security rating, based on the endpoint's communication and security settings.

.. certChainInfo

object

Container for intermediate CA certificate information.

.. .. certChainId

string

Certificate chain ID.

.. .. noOfCertChainFound

int

Number of certificate chains found.

.. .. status

string

Chain status.

.. .. isSelfSigned

bool

Whether the chain is self-signed.

.. .. certChainDetails

object

Certificate chain details container.

.. .. .. certChainDetailsList

array

Certificate chain details container.

.. .. .. .. certDetailsList

array

Intermediate or root certificate details.

.. .. .. .. .. status

string

Certificate status.

.. .. .. .. .. expirationDate

integer

Expiration date.

Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.

Example: 1855828800000

.. .. .. .. .. keyAlgorithm

string

Encryption algorithm.

.. .. .. .. .. algorithmType

string

SHA type.

.. .. .. .. .. issueDate

string

Issuing date.

Format: epoch in millisecond.

Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.

Example: 1382443200000

.. .. .. .. .. issuerDN

string

Issuer name.

.. .. .. .. .. subject

string

Certificate subject.

.. .. .. .. .. errors

array

Error messages.

.. .. .. .. overallStatus

string

Overall certificate chain status.

.. .. .. .. isAdditionalCertChain

bool

Whether a certificate other than the expected certificate chain is discovered.

.. .. .. .. isValidChain

bool

Whether chain is valid.

.. criticalTlsIssues

array

Critical issues related to TLS implementation on the endpoint.

.. nonCriticalTlsIssues

array

Non-critical issues related to TLS implementation on the endpoint.

.. protocolCiphersInfoList

array

Cipher suites present on the endpoint.

.. serverConfigList

object

Server's communication security settings.

.. .. protocol

string

Communication security protocol.

.. .. keySize

string

Encryption key size.

.. .. cipherAlgorithm

string

Encryption algorithm.

.. tlsIssuesFound

bool

Whether or not TLS issues exist on the endpoint.

.. vulnerabilityScanEnabled

bool

Whether or not vulnerability scanning is turned on for the endpoint.

In this section: