Enable scanning

PUT https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/scan

Use this endpoint to enable vulnerability assessments for an order.

Replace {{order_id}} in the URL with the ID of the order. To get the ID values for orders in your account, use the List orders endpoint.

When you enable vulnerability assessments for an order, the scanning service automatically queues eligible domains on the certificate to be scanned. When the scan is complete, use the Download results endpoint to download a PDF with the assessment results.

Example requests and responses

Example 1. cURL

curl -X PUT \
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/scan \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'

Example 2. Python

import requests

url = "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/scan"

payload = {}
headers = {
  'Content-Type': 'application/json',
  'X-DC-DEVKEY': '{{api_key}}'
}

response = requests.request("PUT", url, headers=headers, data = payload)

print(response.text.encode('utf8'))

Example 3. Go

package main

import (
  "fmt"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/scan"
  method := "PUT"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("X-DC-DEVKEY", "api_key")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}

Example 4. NodeJS

var request = require('request');
var options = {
  'method': 'PUT',
  'url': 'https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/scan',
  'headers': {
    'Content-Type': 'application/json',
    'X-DC-DEVKEY': '{{api_key}}'
  }
};
request(options, function (error, response) { 
  if (error) throw new Error(error);
  console.log(response.body);
});

Example 5. 204 No Content

// empty

Example 6. 404 Not Found

{
  "errors": [
    {
      "code": "not_found|route",
      "message": "The specified route was not found."
    }
  ]
}

Example 7. 403 Forbidden (Access permission)

{
  "errors": [
    {
      "code": "access_denied",
      "message": "You do not have permission to manage this request."
    }
  ]
}

Example 8. 400 Bad Request (Invalid order status)

{
  "errors": [
    {
      "code": "va_not_eligible_order",
      "message": "Invalid order status. Order must be issued, not revoked, expired, or pending."
    }
  ]
}

Example 9. 400 Bad Request (Invalid product type)

{
  "errors": [
    {
      "code": "va_not_eligible_product",
      "message": "Invalid certificate type. Vulnerability assessment is only available for Secure Site EV and Secure Site Pro certificates."
    }
  ]
}

In this section: