Use this endpoint to get the CT logs for the domains on a Secure Site Pro certificate using the certificate's order ID.
curl -X GET \
'https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'import requests
url = "https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000"
payload = ""
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json"
}
response = requests.request("GET", url, data=payload, headers=headers)
print(response.text)package main
import (
"fmt"
"net/http"
"io/ioutil"
)
func main() {
url := "https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}var request = require("request");
var options = { method: 'GET',
url: 'https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' } };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});{
"ct_certificates": [
{
"serial": "3aba0c39ed",
"digicert_issued": false,
"ctlogs": [
{
"logged_on": "2020 Apr 06 | 11:37:33",
"entry_no": 0,
"log_name": "Google 'Xenon2020' log",
"operated_by": "Google",
"log_url": "ct.googleapis.com/logs/xenon2020"
},
{
"logged_on": "2020 Apr 06 | 11:37:33",
"entry_no": 0,
"log_name": "Let's Encrypt 'Oak2020' log",
"operated_by": "Let's Encrypt",
"log_url": "oak.ct.letsencrypt.org/2020"
}
],
"not_after": "05 Jul 2020",
"not_before": "06 Apr 2020",
"subject": "digiqatest.in",
"issuer": "Let's Encrypt Authority X3",
"precert": false,
"hosts": {
"hosts_in_order": [
"digiqatest.in"
],
"hosts_not_in_order": []
},
"issuer_ca": "Let's Encrypt",
"trusted_ica": false,
"key_algorithm": "RSA",
"key_length": 3072,
"self_signed": false,
"signature_algorithm": "RSAwithSHA256",
"cert_type": "dv",
"wildcard": false
}
],
"page": {
"total": 1,
"limit": 1000,
"offset": 0
},
"issuer_ca_list": {
"General": [
"DigiCert",
"Non-DigiCert"
],
"Specific CAs": [
"IdenTrust Services, LLC",
"Let's Encrypt",
"Sectigo"
]
}
}This endpoint supports filters, sorting, and pagination. For general information and examples of the syntax to use when applying filters and sorting results, see Services API - Filters, sorting, and pagination parameters.
Example:
https://www.digicert.com/services/v2/ctmonitor/{{order_id}}/details?filters[cn_san_search]=&filters[issuer_ca]={{name of certificate authority}}&filters[precert]=false&sort=-notbefore&offset=0&limit=1000| Name | Req/Opt | Type | Description |
|---|---|---|---|
filters[{{property_name}}]
|
optional | string |
Filters results by the specified property. Replace {{property_name}} in your request with the property to use for filtering. This endpoint supports filtering by the following properties:
|
| sort | optional | string |
Sorts results by the value of one or more properties. By default, sorts results in ascending alphabetical order (0-9, A-Z). To sort in descending alphabetical order (9-0, Z-A), prefix the property name with a minus ( -).To sort by multiple properties, separate the name of each property with a comma. Sort hierarchy matches the order of properties in this list. This endpoint supports sorting by the following properties:
|
| offset | required | int |
Index of the first result to include in the response. Default: 0
|
| limit | required | int |
Total number of results to include in the response. Max: 1000
|
| Name | Type | Description |
|---|---|---|
| ct_certificates | array | Details about the certificate. |
| .. serial | string | Serial number assigned to the certificate on issuance. |
| .. ctlogs | array | Details from CT logs. |
| .. .. logged_on | string |
Timestamp of when the certificate was logged to CT log. Format: UTC timezone and ISO 8601 date. |
| .. .. entry_no | string | Reference ID of CT log from the CT log server. |
| .. :. log_name | string | Name of the CT log server. |
| .. .. operated_by | string | Owner of CT log server. |
| .. .. log_url | string | URL of CT log server. |
| .. digicert_issued | bool |
If the certificate was issued by DigiCert. Possible values:
|
| .. not_after | string |
Timestamp of when certificate validity ends. Format: UTC timezone and ISO 8601 date. |
| .. not_before | string |
Timestamp of when certificate validity begins. Format: UTC timezone and ISO 8601 date. |
| .. subject | string | Name secured by the certificate. |
| .. issuer | string | Name of certificate authority that issued the certificate. |
| .. precert | bool |
Is the certificate in the CT log a precertificate. Possible values:
precert request filter is used.
|
| .. issuer_ca | string |
Brand name of issuing certificate authority. Only returned if the issuer_ca request filter is used.
|
| .. trusted_ica | bool |
If the issuing certificate authority (ICA) is DigiCert or is whitelisted. Possible values:
|
| .. key_algorithm | string | Type of encryption algorithm (e.g., RSA) |
| .. key_length | string | Number of bits used in the key. |
| .. self_signed | bool |
If the certificate is self-signed. Possible values:
|
| .. signature_algorithm | string | Signing algorithm used by the certificate. |
| .. cert_type | string |
Type of certificate. Possible values:
|
| .. wildcard | bool |
If the certificate is a wildcard certificate. Possible values:
|
| .. hosts | object |
List of common name or subject alternative names in the order and not in the order Only returned if the ca_san_search request filter is used.
|
| .. .. hosts_in_order | array | Common name or subject alternative names in the certificate order |
| .. .. host_not_in_order | array | Common name or subject alternative names not in the certificate order |
| page | object |
Details about results. Modified using URL query strings. |
| .. total | int | Total number of records. |
| .. limit | int | Pagination record limit |
| .. offset | int | Pagination starting point |
| Issuer_ca_list | array | List of issuing certificate authorities (ICAs) |
| .. General | object | DigiCert and Non-DigiCert |
| .. Specified CAs | object | List of other certificate authorities present for the account. |