証明書の全体セキュリティ評価と既知のリスクおよび問題を取得します。このエンドポイント申請では、エンドユーザーは、全体評価を確定するのに使用する単一証明書のセキュリティ評価およびすべての要素に教示またはクロスリンクできます。
curl -X POST \
https://daas.digicert.com/apicontroller/v1/sslrating/getCertificateRating \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"certId": "fb92ee3a2fd0cb6549e58c252f8787f467bfbeff",
"accountId": "126993",
"divisionIds": []
}'
import requests
url = "https://daas.digicert.com/apicontroller/v1/sslrating/getCertificateRating"
payload = "{\n \"certId\": \"fb92ee3a2fd0cb6549e58c252f8787f467bfbeff\",\n \"accountId\": \"126993\",\n \"divisionIds\": []\n}"
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json",
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://daas.digicert.com/apicontroller/v1/sslrating/getCertificateRating"
payload := strings.NewReader("{\n \"certId\": \"fb92ee3a2fd0cb6549e58c252f8787f467bfbeff\",\n \"accountId\": \"126993\",\n \"divisionIds\": []\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
var request = require("request");
var options = { method: 'POST',
url: 'https://daas.digicert.com/apicontroller/v1/sslrating/getCertificateRating',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' },
body:
{ certId: 'fb92ee3a2fd0cb6549e58c252f8787f467bfbeff',
accountId: '126993',
divisionIds: [] },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
{
"data": {
"categories": [
{
"name": "CabForumCategory",
"criteria": [
{
"name": "AuthorityInfoAccess",
"value": "",
"issues": null,
"colorCode": null,
"message": null,
"data": [
{
"name": "OCSP",
"value": "http://ocsp.ca.com",
"issues": null,
"colorCode": null
},
{
"name": "CaIssuers",
"value": "http://crt.url.com/RSADomainValidationSecureServerCA.crx",
"issues": null,
"colorCode": null
}
],
"suggestion": null,
"kbLink": null
},
{
"name": "CRLDistributionPoints",
"value": "http://crl.url.com/RSADomainValidationSecureServerCA.crx",
"issues": "null",
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "BasicConstraint",
"value": "Certificate Authority : No",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "ExtendedKeyUsage",
"value": "TLS Web Client Authentication,TLS Web Server Authentication",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "KeyUsage",
"value": "digitalSignature,keyEncipherment",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "CertPolicies",
"value": "Policy ID #1 : 1.3.6.1.4.1.6449.1.2.2.7,CPS URI : https://secure.url.com/CPS,Policy ID #2 : 2.23.140.1.2.1",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "InternalNames",
"value": "No",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
}
]
},
{
"name": "CertStatusCategory",
"criteria": [
{
"name": "IsCertValid",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
}
]
},
{
"name": "CertAttributeCategory",
"criteria": [
{
"name": "EndEntityCertHashAlgorithmStrength",
"value": "SHA2 family",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "EndEntityCertKeyStrength",
"value": "RSA 2048",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "IsAliasMatchSAN",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "CertType",
"value": "Domain Validation (DV)",
"issues": "true",
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
}
]
},
{
"name": "KnownRisksCategory",
"criteria": [
{
"name": "NoNullCharacterInCN",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "SameKeyNotUsedInChain",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "SingleCNInDN",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
},
{
"name": "ValidCertContent",
"value": "Yes",
"issues": null,
"colorCode": null,
"message": null,
"data": null,
"suggestion": null,
"kbLink": null
}
]
}
],
"rating": "Secure",
“ratingNotice”: “Restricted to Secure because of DV certificate. Upgrade to OV or EV certificate to improve the rating.”,
"isPrivateCert": false,
"cn": "*.aparat.com",
"certStatus": "Valid",
"caType": "PUBLIC"
}
}
名前 | 申請/オプション | 種別 | 説明 |
---|---|---|---|
accountId | 必須 | string | アカウント ID |
divisionIds | 任意 | array | 管理グループ ID |
certId | 必須 | string | エンドポイントで確認された証明書用の一意 DigiCert 生成 ID証明書チェーン ID を 「証明書を一覧表示する」 申請から取得します。 |
名前 | 種別 | 説明 |
---|---|---|
data | object | コンテナ |
.. categories | array | セキュリティ評価を確定する査定基準用のコンテナ |
.. .. name | string | 査定カテゴリ名 |
.. .. criteria | array | セキュリティ評価を確定する詳細用のコンテナ |
.. .. .. name | string | 査定基準 |
.. .. .. value | string | 基準値 |
.. .. .. issues | string | セキュリティリスクが存在するかどうか |
.. .. .. colorCode | string |
警告レベル 可能な値: 1 =危険がある (高)、2 =警告 (中程度)、null
|
.. .. .. message | string | 要約 |
.. .. .. data | array | サブカテゴリ用のコンテナ |
.. .. .. .. name | string | 査定基準 |
.. .. .. .. value | string | 基準値 |
.. .. .. .. issues | string | セキュリティリスクが存在するかどうか |
.. .. .. .. colorCode | string |
警告レベル 可能な値: 1 =危険がある (高)、2 =警告 (中程度)、null
|
.. .. .. suggestion | string | 詳細および/または解決方法 |
.. .. .. kbLink | string | 追加情報へのリンク |
.. rating | string |
証明書セキュリティ評価 ,業界基準と証明書の設定がベース
|
.. ratingNotice | string | 証明書のセキュリティ評価に関する追加注記 |
.. isPrivateCert | bool | 証明書がプライベートルート CA から発行されているかどうか |
.. cn | string | コモンネーム: |
.. certStatus | string |
ステータス 証明書の
|
.. caType | string | パブリックまたはプライベートなど、認証局ソースのタイプ |