SSL Certificates API Guide. Version 3.0 April 28, 2009



Similar documents
OpenSRS Trust Service API Command Reference

GoGetSSL API Guide Version: 2.5 (stable)

GeoCerts Reseller REST API

Software Version 4.5. SSL Web Service API Release Date: 12 th May, InCommon c/o Internet Oakbrook Drive, Suite 300 Ann Arbor MI, 48104

OpenSRS Trust Manager. May 7, 2013

SSL API Documentation. Version 1.2.1

OpenSRS Quickstart Guide April 15, 2011

Our partnerships. Our accreditations

OpenSRS SSL Certificate Plug-in

Comodo Certificate Manager Software Version 4.8

Comodo Certificate Manager Software Version 5.0

GeoTrust QuickSSL Manager. User Guide

Overview of Domain SSL

Comodo Certificate Manager Version 5.4

API Commands Reseller Partners

Manual for Registrars. Automated Interface. General Availability

Industry Leading Encryption Balanced Offerings from domain validated to secure EV certificates Mobile Device Capability Full Service and Support

MXSAVE XMLRPC Web Service Guide. Last Revision: 6/14/2012

Securing Your Apache Web Server With a Thawte Digital Certificate

RED HAT SECURE WEB SERVER 3.0 DEVELOPER EDITION FOR COBALT NETWORKS SERVERS

Merchant One Payment Systems Integration Resources. Direct Post API Documentation June 2007

Parallels Business Automation - Standard

Network Merchants Inc (NMI) Integration Resources. Direct Post API Documentation April 2010

SSL Certificates Quick Start. This document describes the steps you need to use to purchase and use SSL certificaters with the enom API.

Credomatic Integration Resources. Browser Redirect API Documentation June 2007

Gateway Direct Post API

SSL Certificates Enrollment, Collection, Installation and Renewal Release Date: May, 2015

IIS EPP v3. Create Certificate for IIS EPP v3. IIS Registry EPP Information. Last saved: November 17, 2015

OpenSRS Storefront Reseller Setup Guide

All rights reserved! [no] Copy, Edit, Alter, Share or Distribute See Licensing on last page. SSL Security. Alternate options for securing your sites

Secure Messaging Server Console... 2

OpenSRS Domain Transfers Guide. October 23, 2008

AutoInstall SSL FAQs for End Users

Software Requirement Specification For Flea Market System

Safeguard Ecommerce Integration / API

1. If there is a temporary SSL certificate in your /ServerRoot/ssl/certs/ directory, move or delete it. 2. Run the following command:

SSL Enablement of the DB2 Web Query for System i Server

DigiCert User Guide. Version 4.1

Displaying SSL Certificate and Key Pair Information

Adeptia Suite LDAP Integration Guide

Building Customer Confidence through SSL Certificates and SuperCerts

NYSP Web Service FAQ

Overview of Extended Validation (EV) SSL

VeriSign SSL Partner Program Guide

Cvent Web Services API. Version V June 2008

SSL GUIDE. Everything you need to know about SSL and securing your online business. For Control Panel based webservers. Published by FreeSSL.

BULK SMS APPLICATION USER MANUAL

Riverbed Cascade Shark Common REST API v1.0

4. Client-Level Administration

SSL GUIDE. Everything you need to know about SSL and securing your online business. For Apache Running Apache-SSL, mod_ssl, OpenSSL, ssleay

Registrar Ramp Up Process. Prepared by Afilias

User-ID Features. PAN-OS New Features Guide Version 6.0. Copyright Palo Alto Networks

Displaying SSL Certificate and Key Pair Information

It s an SSL. Revolution. AutoInstall SSL. Presented by: Harald Schoonbeek, Sales Manager. AutoInstall SSL - It s an SSL Revolution

Using ODBC with MDaemon 6.5

SSL Installing your new Certificate

API documentation - 1 -

A Proper Foundation: Extended Validation SSL

Implementing Secure Sockets Layer on iseries

e-filing Secure Web Service User Manual

Secure XML API Integration Guide - Periodic and Triggered add in

i2b2 Cell Messaging Project Management (PM) Cell

NetSure Certificate means any of the types of Certificates that are subject to this Plan, as listed in Appendix A, List of Covered Services.

Parallels Operations Automation 5.0 Public API Reference

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

Grandstream Networks, Inc.

Configuring Single Sign-on for WebVPN

Cyber Security Workshop Ethical Web Hacking

Integrate with Directory Sources

Configure Directory Integration

Renewing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

By Jan De Clercq. Understanding. and Leveraging SSL-TLS. for Secure Communications

Qualtrics Single Sign-On Specification

GlobalSign Solutions

Equipment Room Database and Web-Based Inventory Management

THE CHALLENGE OF ADMINISTERING WEBSITES OR APPLICATIONS THAT REQUIRE 24/7 ACCESSIBILITY

GlobalSign Partners. Digital Certificate Reseller Quick Start Guide. Using your GCC Partner Account to Resell SSL & Client Certificates Effectively

Oracle Communications Cartridge Feature Specification for Broadsoft Broadworks Enterprise Services

Global Registry Services Registrar Frequently Asked Questions (FAQ) for TLDs using Afilias Technology

Sophos Mobile Control Network Access Control interface guide

SQL Injection Attack Lab Using Collabtive

ADT: Inventory Manager. Version 1.0

ivvy Events Software API

enom, Inc. API response codes

Configuring User Identification via Active Directory

Hosted Credit Card Forms Implementation Guide

Starter PKI Program. Get the timesaving convenience of a thawte. multiple digital certificate account What is the Starter PKI Program?

Transcription:

SSL Certificates API Guide Version 3.0 April 28, 2009

Table of Contents Introduction...3 The Order Item Object...4 Key Definitions for the create_items Associative Array...5 Key Definitions for the product_data Associative Array...8 Modification of Order Items...11 Create Order Examples...12 Request Perl...12 Response Perl...14 Request XML...16 Response XML...19 The Approver Object...22 The Query Operation...22 Query Product Examples...23 Query Approver Examples...24 The CSR Object...26 The Parse Operation...26 Parse CSR Examples...29 Resend Approver or Certificate Email...34 Renew SSL Certificate Command...42 Examples...42 SSL Certificate Error Codes...56 Revisions and Updates...58 2

Introduction The SSL Certificate service provides access to the provisioning of SSL Certificates. This document describes how the SSL Certificate service data is structured within TPP. For more information on TPP, refer to the OpenSRS TPP API Specification. OpenSRS offers 16 SSL Certificates from the three most trusted and most recognized certificate providers: VeriSign, GeoTrust, and thawte. Verisign The VeriSign SSL certificate brand resonates very well with large companies and corporations that want to obtain the highest levels of security possible. GeoTrust GeoTrust is one of the world's largest SSL certificate providers, with more than 100,000 customers in over 150 countries. Its product line is extremely popular with small businesses. thawte thawte is a leading provider of domain, business and extended validation SSL certificates. Its brand is particularly strong in Europe, and appeals to European businesses. The domain vetted certificates include QuickSSL and QuickSSL Premium. The organization vetted certificates include True BusinessID Wildcard, Secure Site, Secure Site Pro, Secure Site with EV, Secure Site Pro with EV, SGC SuperCerts, SSL Web Server Certificates, SSL Web Server Certificates Wildcard, SSL Web Server Certificates with EV, and two Code Signing Certificates. OpenSRS also offers two SSL Certificates that are both domain and organization vetted: True BusinessID with EV and SSL123. 3

The Order Item Object The TPP order contains a sub-object called an order item. SSL Certificates can be provisioned by adding an order item to the order object. The following is the general structure of the SSL Certificate service TPP order item: create_items => { service => 'cert', object_type => 'quickssl' 'quicksslpremium' 'truebizid' 'truebizidwildcard' 'truebizidev' 'securesite' 'securesitepro' 'securesiteev' 'securesiteproev' 'ssl123' sgcsupercerts 'sslwebserver' 'sslwebserverwildcard' 'sslwebserverev' 'thawtecsc' 'verisigncsc' orderitem_type => 'new', client_reference => '', product_data => { period => '', csr => '', server_type => '', cert_type_csc => '', # only required for code signing certificates approver_email => '', # only applicable to domain vetted certificates - quickssl, quicksslpremium, ssl123, and truebizidev }; contact_set => { } 4

The Order Item Object Key Definitions for the create_items Associative Array inventory_item_id Parameter inventory_item_id int The number of the order to be renewed. Required when orderitem_type = renewal. Allowed Values: This key can be located in the following associative arrays: orderitem, create_items and update_items. Must be cert ID #. service Parameter Allowed Values: service string The name of the SSL Certificate service. Required. This key can be located in the following associative arrays: orderitem, create_items and update_items. Must be cert. object_type Parameter object_type string The product type from the SSL Certificate inventory. The four product types are detailed in the allowed values section for this key. Required. This key can be located in the following associative arrays: orderitem, create_items and update_items. 5

SSL Certificates API Guide Allowed Values: QuickSSL = quickssl QuickSSLPremium = quicksslpremium TrueBusinessId = truebizid TrueBusinessId Wildcard = truebizidwildcard TrueBusinessID with EV = truebizidev Secure Site = securesite Secure Site Pro = securesitepro Secure Site with EV = securesiteev Secure Site Pro with EV = securesiteproev Verisign Code Signing Certificate = verisigncsc SSL123 = ssl123 SGC SuperCerts = sgcsupercerts SSL Web Server Certificates = sslwebserver SSL Web Server Certificates Wildcard = sslwebserverwildcard SSL Web Server Certificates with EV = sslwebserverev thawte Code Signing Certificate = thawtecsc orderitem_type Parameter Allowed Values: orderitem_type string The type of order as described in the generic TPP document. Order types are detailed in the allowed values section for this key. Required. This key can be located in the following associative arrays: orderitem, create_items and update_items. For new orders, use new. For renewal orders, use renewal. client_reference Parameter Allowed Values: client_reference string Standard order item client reference from TPP. Optional. This key is only present in the create_items associative array. 6

The Order Item Object contact_set Parameter Allowed Values: contact_set associative array The SSL Certificate contact information. See the TPP specifications for more information. Required. This key can be located in the following associative arrays: orderitem, create_items and update_items. All products require: admin, billing and tech contacts. Additional organization contact is required for all organization vetted certificates; title field for admin, tech, and billing contacts is required for thawte, VeriSign, and all EV certificates. For VeriSign certificates, organization, address, city, stat/province, postal code and country are required for admin and tech contacts. product_data Parameter Allowed Values: product_data associative array The data specific to an SSL Certificate. Required. This key can be located in the following associative arrays: orderitem, create_items and update_items. See table below. 7

SSL Certificates API Guide Key Definitions for the product_data Associative Array period Parameter period int The standard TPP order item period. The amount of time, in years, that the product should be valid for. The SSL Certificate service allows for registrations of 1 to 2 years for EV Certificates and thawte Code Signing Certificates, 1 to 3 years for Verisign Code Signing Certificates, and 1 to 5 years for all other types. Required. Allowed Values: 1, 2, 3, 4, or 5. This key is located in the product_data associative array. csr Parameter Allowed Values: csr string Certificate signing request. For more information on the CSR, please review the SSL Certificates RWI 2 User Guide. Optional. This key is located in the product_data associative array. A Certificate Signing Request for the required certificate. Note: For EV type certificates, the CSR must be 2048 bits. server_type Parameter server_type string The type of server software used to generate the CSR. Optional. This key is located in the product_data associative array. 8

The Order Item Object Allowed Values: Apache SSL = apachessl Apache Raven = apacheraven Apache SSLeay = apachesslay C2Net = c2net Cobalt Raq2 = cobaltraq2 Cobalt Raq3 = cobaltraq3 Cobalt Raq4 = cobaltraq4 IBM HTTP = ibmhttp iplanet = iplanet Domino Go 4625 = dominogo4625 Domino Go 4626 = dominogo4626 Domino = domino IIS4 = iis4 IIS5 = iis5 Netscape = netscape Webstar 4 = webstar4 Zeus v3 = zeusv3 approver_email Parameter Allowed Values: approver_email string One of the approver emails return by query approver call. Required for domain vetted certificates. This key is located in the product_data associative array. A valid email address. special_instructions Parameter Allowed Values: special_instructions string User defined instructions regarding the SSL Certificate purchase. Optional. product_data associative array string 9

SSL Certificates API Guide cert_type_csc Parameter cert_type_csc string Certificate type of code signing certificates. Allowed Values: Only required for Code Signing certificates. product_data associative array JAVASOFT, MS_AUTHENTICODE, VBA, or ADOBE_AIR Note: ADOBE_AIR is not supported for thawte Code Signing Certificates. 10

Modification of Order Items When updating existing SSL Certificate order items, many of the fields listed as required above become optional. The general rules for updates are: Include individual keys and values when you want to make a change to a value in the server. Include individual keys and empty/undefined values when you want to blank out values in the server. Omit individual keys when you do not wish to make changes to particular values in the server. For updates, the username and order item's ID are the only required fields. 11

Create Order Examples Request Perl { 'protocol' => 'TPP', 'action' => 'create', 'object' => 'order', 'requestor' => { 'password' => 'fetch', 'username' => 'tricks' 'attributes' => { 'contacts' => [ { 'country' => 'US', 'duns' => '150483782', 'address3' => '', 'org_name' => 'Acme Ltd.', 'phone' => '+1.4165551212', 'last_name' => 'Sanford', 'address2' => 'Suite 1200', 'state' => 'NY', 'email' => 'subq@example.com', 'city' => 'New York', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'address1' => '65 State St.', 'first_name' => 'Steven' } ], 'create_items' => [ { 'product_data' => { 'special_instructions' => 'special instructions', 'period' => '1', 'approver_email' => 'subq@example.com', 'server_type' => 'apachessl', 'csr' => ' -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYDVQQ HEwdUb 3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgwFgYDVQQDEw9jb3JlbG9n awmwlm luzm8xhzadbgkqhkig9w0bcqewehbhdmvsqhr1y293cy5jb20wgz8wdqyjkozihvcnaqebb QADgY0 AMIGJAoGBAOoJ2jUqcAmtlge2grSbh4LkuPWyi+bvOUV7UEAkTruVoeji8/Jqndyy0XWpMO VERitf 4RcC0t5fbu6YXbZk0xKxkJ+ztcxo8kQZiHtEMJROsRFiQpjqH623pdmE+ye24NSBUhICpga di4kgg QAYsxsxLo1yhSwdXaLjGuegPXcpAgMBAAGgADANBgkq9w0BAQQFAAOBgQA9BhFzNxPmNCgl fausgs Ve3vArA8Xpj0ab063seUGHQyp5cSsI9zxSqK+sQjkjLRwsywfWxRKpyvIhOwppCPNQAOFSS cfm0dy 9DmavPfAWM6t7zq7dBjDqBkITRohnO+o+el88j45aanbfbPym9uaEn3qZUCacgiBZKKYirc 12

Create order examples 0nTQ== -----END CERTIFICATE REQUEST----- ' 'object_type' => 'quickssl', 'contact_set' => { 'admin' => { 'country' => 'US', 'duns' => '150483782', 'address3' => '', 'org_name' => 'Acme Ltd.', 'phone' => '+1.4165551212', 'last_name' => 'Lastname', 'address2' => 'Suite 12--', 'state' => 'NY', 'email' => 'subq@example.com', 'city' => 'New York', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'address1' => '65 State St.', 'first_name' => 'Firstname' 'tech' => { 'country' => 'US', 'duns' => '150483782', 'address3' => '', 'org_name' => 'Acme Ltd.', 'phone' => '+1.4165551212', 'last_name' => 'Lastname', 'address2' => 'Suite 1200', 'state' => 'NY', 'email' => 'subq@example.com', 'city' => 'New York', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'address1' => '65 State St.', 'first_name' => 'Firstname' 'billing' => { 'country' => 'US', 'duns' => '150483782', 'address3' => '', 'org_name' => 'Acme Ltd.', 'phone' => '+1.4165551212', 'last_name' => 'Lastname', 'address2' => 'Suite 1200', 'state' => 'NY', 'email' => 'subq@example.com', 'city' => 'New York', 'postal_code' => '90210', 'fax' => '+1.4165350124', 'url' => 'www.example.com', 'address1' => '65 State St.', 'first_name' => 'Firstname' 'organization' => { 13

SSL Certificates API Guide 'country' => 'US', 'duns' => '150483782', 'address3' => '', 'org_name' => 'Acme Ltd.', 'phone' => '+1.4165551212', 'last_name' => 'Lastname', 'address2' => 'Suite 1200', 'state' => 'NY', 'email' => 'subq@example.com', 'city' => 'New York', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'address1' => '65 State St.', 'first_name' => 'Firstname' } 'orderitem_type' => 'new', 'service' => 'cert' } ], 'user_id' => '1003', 'handling' => 'process' }; } Response Perl { 'protocol' => 'TPP', 'session_id' => 'OSRS-359385', 'object' => 'ORDER', 'response_text' => 'Product requested', 'version' => '1.4.0', 'action' => 'CREATE:REPLY', 'response_code' => '300', 'attributes' => { 'contacts' => [ { 'duns' => '150483782', 'client_reference' => '', 'address3' => '', 'org_name' => 'Acme Ltd.', 'state' => 'NY', 'last_name' => 'Lastname', 'email' => 'subq@example.com', 'city' => 'New York', 'response_text' => 'Request completed successfully', 'postal_code' => '902105', 'fax' => '+1.4165551234', 'contact_id' => '53263', 'url' => 'www.example.com', 'country' => 'US', 'response_code' => '200', 'phone' => '+1.4165551212', 14

Create order examples 'address2' => 'Suite 1200', 'title' => '', 'address1' => '65 State St.', 'first_name' => 'Firstname' } ], 'client_reference' => '', 'create_items' => [ { 'client_reference' => '', 'status' => 'provisioning-requested', 'major_code' => '300', 'term' => '1', 'item_id' => '64037', 'product_item' => { 'product_data' => { 'special_instructions' => 'special instructions', 'approver_email' => 'subq@example.com', 'period' => '1', 'server_type' => 'apachessl'. 'csr' => ' -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYDVQQ HEwdUb 3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgwFgYDVQQDEw9jb3JlbG9n awmwlm luzm8xhzadbgkqhkig9w0bcqewehbhdmvsqhr1y293cy5jb20wgz8wdqyjkozihvcnaqebb QADgY0 AMIGJAoGBAOoJ2jUqcAmtlge2grSbh4LkuPWyi+bvOUV7UEAkTruVoeji8/Jqndyy0XWpMO VERitf 4RcC0t5fbu6YXbZk0xKxkJ+ztcxo8kQZiHtEMJROsRFiQpjqH623pdmE+ye24NSBUhICpga di4kgg QAYsxsxLo1yhSwdXaLjGuegPXcpAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQA9BhFzNxPm NCglfA USGsVe3vArA8Xpj0ab063seUGHQyp5cSsI9zxSqK+sQjkjLRwsywfWxRKpyvIhOwppCPNQA OFSScF M0DY9DmavPfAWM6t7zq7dBjDqBkITRohnO+o+el88j45aanbfbPym9uaEUCacgiBZKKYirc 0nTQ== -----END CERTIFICATE REQUEST----- ' 'object_type' => 'quickssl', 'response_code' => '200', 'expiry_date' => '', 'service' => 'cert', 'description' => 'corelogic0.info', 'inventory_item_id' => '52410', 'state' => 'requested', 'response_text' => ' Request completed successfully ', 'contact_set' => { 'admin' => '53263', 'tech' => '53263', 'billing' => '53263', 'organization' => '53263' 'start_date' => '', 'owned_by' => '1003' 15

SSL Certificates API Guide 'contact_set' => { 'admin' => '53264', 'tech' => '53264', 'billing' => '53264', 'organization' => '53264' 'ancillary_price' => '0', 'price' => '6900', 'major_text' => 'Product requested' } ], 'status' => 'reserved', 'order_id' => '48970', 'price' => '6900' 'is_success' => '1' }; Request XML <?xml version='1.0' encoding='utf-8'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="action">create <item key="object">order <item key="requestor"> <item key="password">fetch <item key="username">tricks <item key="attributes"> <item key="user_id">1003 <item key="handling">process <item key="contacts"> <dt_array> <item key="0"> <item key="address3"/> <item key="state">ny <item key="duns">150483782 <item key="address2">suite 1200 <item key="url">www.example.com <item key="address1">65 State St. <item key="country">us <item key="fax">+1.4165551234 <item key="org_name">acme Ltd. <item key="city">new York <item key="first_name">firstname 16

Create order examples <item key="phone">+1.4165551212 <item key="email">subq@example.com <item key="postal_code">90210 <item key="last_name">lastname </dt_array> <item key="create_items"> <dt_array> <item key="0"> <item key="service">cert <item key="product_data"> <item key="special_instructions">special <item key="server_type">apachessl <item key="approver_email">sunq@example.com <item key="csr"> -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYDVQQ HEwdUb 3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgwFgYDVQQDEw9jb3JlbG9n awmwlm luzm8xhzadbgkqhkig9w0bcqewehbhdmvsqhr1y293cy5jb20wgz8wdqyjkozihvcnaqebb QADgY0 AMIGJAoGBAOoJ2jUqcAmtlge2grSbh4LkuPWyi+bvOUV7UEAkTruVoeji8/Jqndyy0XWpMO VERitf 4RcC0t5fbu6YXbZk0xKxkJ+ztcxo8kQZiHtEMJROsRFiQpjqH623pdmE+ye24NSBUhICpga di4kgg QAYsxsxLo1yhSwdXaLjGuegPXcpAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQA9BhFzNxPm NCglfA USGsVe3vArA8Xpj0ab06GHQyp5cSsI9zxSqK+sQjkjLRwsywfWxRKpyvIhOwppCPNQAOFSS cfm0dy 9DmavPfAWM6t7zq7dBjDqBkITRohnO+o+el88j45aanbfbPym9uaEn3qZUCacgiBZKKYirc 0nTQ== -----END CERTIFICATE REQUEST----- <item key="period">1 <item key="object_type">quickssl <item key="orderitem_type">new <item key="contact_set"> <item key="admin"> <item key="address3"/> <item key="state">ny <item key="duns">150483782 <item key="address2">suite 1200 <item key="url">www.example.com <item key="address1">65 State St. <item key="country">us <item key="fax">+1.4165551234 <item key="org_name">acme Ltd. 17

SSL Certificates API Guide <item key="city">new York <item key="first_name">firstname <item key="phone">+1.4165551212 <item key="email">subq@example.com <item key="postal_code">90210 <item key="last_name">lastname <item key="tech"> <item key="address3"/> <item key="state">ny <item key="duns">150483782 <item key="address2">suite 1200 <item key="url">www.example.com <item key="address1">65 State St. <item key="country">us <item key="fax">+1.4165551234 <item key="org_name">acme Ltd. <item key="city">new York <item key="first_name">firstname <item key="phone">+1.4165551212 <item key="email">subq@example.com <item key="postal_code">90210 <item key="last_name">lastname <item key="organization"> <item key="address3"/> <item key="state">ny <item key="duns">150483782 <item key="address2">suite 1200 <item key="url">www.example.com <item key="address1">65 State St. <item key="country">us <item key="fax">+1.4165551234 <item key="org_name">acme Ltd. <item key="city">new York <item key="first_name">firstname <item key="phone">+1.4165551212 <item key="email">subq@example.com <item key="postal_code">90210 <item key="last_name">lastname <item key="billing"> <item key="address3"/> <item key="state">ny <item key="duns">150483782 <item key="address2">suite 1200 <item key="url">www.example.com <item key="address1">65 State St. <item key="country">us <item key="fax">+1.4165551234 <item key="org_name">acme Ltd. 18

Create order examples <item key="city">new York <item key="first_name">firstname <item key="phone">+1.4165551212 <item key="email">subq@example.com <item key="postal_code">12345 <item key="last_name">lastname </dt_array> </data_block> </body> </OPS_envelope> Response XML <?xml version='1.0' encoding='utf-8'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="version">1.4.0 <item key="action">create:reply <item key="object">order <item key="session_id">osrs-359385 <item key="is_success">1 <item key="response_code">300 <item key="response_text">product requested <item key="attributes"> <item key="status">reserved <item key="create_items"> <dt_array> <item key="0"> <item key="status">provisioning-requested <item key="contact_set"> <item key="organization">53264 <item key="tech">53264 <item key="admin">53264 <item key="billing">53264 <item key="major_code">300 19

SSL Certificates API Guide <item key="ancillary_price">0 <item key="item_id">64037 <item key="term">1 <item key="client_reference"/> <item key="price">6900 <item key="product_item"> <item key="state">requested <item key="description">corelogic0.info <item key="inventory_item_id">52410 <item key="service">cert <item key="expiry_date"/> <item key="product_data"> <item key="period">1 <item key="csr"> -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYDVQQ HEwdUb 3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgwFgYDVQQDEw9jb3JlbG9n awmwlm luzm8xhzadbgkqhkig9w0bcqewehbhdmvsqhr1y293cy5jb20wgz8wdqyjkozihvcnaqebb QADgY0 AMIGJAoGBAOoJ2jUqcAmtlge2grSbh4LkuPWyi+bvOUV7UEAkTruVoeji8/Jqndyy0XWpMO VERitf 4RcC0t5fbu6YXbZk0xKxkJ+ztcxo8kQZiHtEMJROsRFiQpjqH623pdmE+ye24NSBUhICpga di4kgg QAYsxsxLo1yhSwdXuegPXcpAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQA9BhFzNxPmNCgl fausgs Ve3vArA8Xpj0ab063seUGHQyp5cSsI9zxSqK+sQjkjLRwsywfWxRKpyvIhOwppCPNQAOFSS cfm0dy 9DmavPfAWM6t7zq7dBjDqBkITRohnO+o+el88j45aanbfbPym9uaEn3qZUCacgiBZKKYirc 0nTQ== -----END CERTIFICATE REQUEST----- <item key="server_type">apachessl <item key="approver_email">subq@example.com <item key="special_instructions">special <item key="object_type">quickssl <item key="contact_set"> <item key="organization">53263 <item key="tech">53263 <item key="admin">53263 <item key="billing">53263 <item key="owned_by">1003 <item key="response_text"> Request completed successfully <item key="start_date"/> <item key="response_code">200 20

Create order examples <item key="major_text">product requested </dt_array> <item key="contacts"> <dt_array> <item key="0"> <item key="country">us <item key="last_name">lastname <item key="postal_code">90210 <item key="client_reference"/> <item key="duns">150483782 <item key="phone">+1.4165551212 <item key="org_name">acme Ltd. <item key="first_name">firstname <item key="state">ny <item key="title"/> <item key="address1">65 State St. <item key="address2">suite 1200 <item key="address3"/> <item key="city">new York <item key="fax">+1.41655512344 <item key="url">www.example.com <item key="contact_id">53263 <item key="response_text">request completed successfully <item key="response_code">200 <item key="email">subq@example.com </dt_array> <item key="order_id">48970 <item key="client_reference"/> <item key="price">6900 </data_block> </body> </OPS_envelope> 21

The Approver Object The Query Operation The query operation permits the client to obtain a list of valid approvers for a given domain. Request Key Definitions domain Parameter Allowed Values: domain string A domain name. Required. This key is located in the product_data associative array. The full domain name for which the SSL Certificate is being purchased. Response Key Definitions approver_list Parameter Allowed Values: approver_list associative array List of approver objects. Required. This key is located in the product_data associative array. Approver objects. approver_object Parameter Allowed Values: approver_object associative array Approver details, which are email, domain and approver type. Required. This key is located in the approver_list associative array. 22

The Approver Object email Parameter Allowed Values: email string Approver email address. Required. This key is located in the approver_object associative array. A valid email address. type Parameter Allowed Values: type string Approver type. Required. This key is located in the approver_object associative array. One of domain (parsed from the whois), generic (generated by pre-pending predefined list of prefixes to the domain name), or manual (supplier support address). Query Product Examples Request Perl The format of the approver query request is as follows: { protocol => 'TPP', action => 'query', object => 'product', requestor => { username => '', attributes => { service => 'cert', object_type => 'approver', product_data => { 23

SSL Certificates API Guide domain => '', } Response Perl The format of the query approver response is as follows: { protocol => 'TPP', action => 'query:reply', object => 'product', is_success => '1', response_code => '200', response_text => 'Request completed successfully', attributes => { service => 'cert', object_type => 'approver', product_data => { approver_list => [ { email => '', type => 'DOMAIN', } ] } } Query Approver Examples Request Perl { protocol => 'TPP', version => '1.1', action => 'query', object => 'approver', 24

The Approver Object attributes => { service => 'cert', product_data => { domain => 'domain.tld', } } Response Perl { protocol => 'TPP', action => 'query:reply', object => 'approver', is_success => 1, response_text => 'Request completed successfully', response_code => '200' attributes => { service => 'cert', object_type => 'approver', response_text => 'Request completed successfully', response_code => '200', product_data => { approver_list => [ { type => DOMAIN, email => user@domain.tld, { } } 25

The CSR Object The Parse Operation Once you ve generated a CSR (Certificate Signing Request), use this command to parse that CSR and identify its data elements. Request Keys csr Parameter Allowed Values: csr String Certificate signing request. For more information on the CSR, please review the SSL Certificates RWI 2 User Guide. Required. This key is located in the product_data associative array. A Certificate Signing Request for the required SSL Certificate. Note: For EV type certificates, the CSR must be 2048 bits. Response Keys csr_data Parameter Allowed Values: csr_data associative_array Contains data elements of the CSR. Required. Located in the product_data associative array. Valid CSR data attributes. See below. organization Parameter Allowed Values: organization String Value contained in the organization field of csr_data. Required. This key is located in the csr_data associative array. Organization name. 26

The CSR object organization_unit Parameter Allowed Values: organization_unit String Value contained in the organization_unit field of csr_data. Required. This key is located in the csr_data associative array. Organization name. domain Parameter Allowed Values: domain String Value contained in the domain field of csr_data. Required. This key is located in the csr_data associative array. Domain name. valid_quick_domain Parameter Allowed Values: valid_quick_domain Int Value contained in the valid_quick_domain field of csr_data. Conditional required for QuickSSL Certificates only. This key is located in the csr_data associative array. 1 0 valid_true_domain Parameter valid_true_domain Int Value contained in valid_true_domain field of csr_data. Conditional required for True BusinessID Certificates only. 27

SSL Certificates API Guide Allowed Values: This key is located in the csr_data associative array. 1 0 email Parameter Allowed Values: email String Value contained in the email field of csr_data. Required. This key is located in the scr_data associative array. Email address. country Parameter Allowed Values: country String Value contained in the country field of csr_data. Required. This key is located in the csr_data associative array. Country name. state Parameter Allowed Values: state String Value contained in the state field of csr_data. Required. This key is located in the csr_data associative array. State name. locality Parameter locality String Value contained in the locality field of csr_data. Required. 28

The CSR object Allowed Values: This key is located in the csr_data associative array. City name. has_bad_extensions Parameter Allowed Values has_bad_extensions Int When has_bad_extentions = 0, the CSR can be used. When has_bad_extentions = 1, regenerate the CSR without the unsupported extensions. Required. This key is located in the csr_data associative array. 1 0 Parse CSR Examples Request Perl { 'protocol' => 'TPP', 'version' => '1.2.0', 'action' => 'parse', 'object' => 'csr', 'requestor' => { 'username' => 'reseller_username', 'attributes' => { 'service' => 'cert', 'product_data' => { 'csr' => '-----BEGIN CERTIFICATE REQUEST----- MIIBrTCCAVcCAQAwga0xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAw woinxn2sz6rl+4uwyfyowlrgs9ar8zotkakn+l6jyhl4thmlsh+hyymej6sjmtxu XA== -----END CERTIFICATE REQUEST-----', 29

SSL Certificates API Guide }; } Response Perl { 'protocol' => 'TPP', 'version' => '1.2.0', 'action' => 'PARSE:REPLY', 'object' => 'CSR', 'response_text' => 'Request completed successfully', 'response_code' => '200', 'is_success' => '1', 'session_id' => 'OSRS-7103832' 'attributes' => { 'object_type' => 'csr', 'response_code' => '200', 'response_text' => 'Request completed successfully', 'service' => 'cert' 'product_data' => { 'csr_data' => { 'has_bad_extensions' => '0', 'organization' => 'Acme Ltd.', 'state' => 'NY', 'domain' => 'example.com', 'locality' => 'New York', 'email' => 'myemail@example.com', 'valid_true_domain' => '1', 'organization_unit' => 'Section C.', 'country' => 'US', 'valid_quick_domain' => '1' } }; 30

The CSR object Request XML <!DOCTYPE OPS_envelope SYSTEM "ops.dtd"> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="version">1.2.0 <item key="action">parse <item key="object">csr <item key="requestor"> <item key="username">xxxxxxx <item key="attributes"> <item key="service">cert <item key="product_data"> <item key="csr"> -----BEGIN NEW CERTIFICATE REQUEST----- MIIDgjCCAusCAQAwgaYxGTAXBgNVBAMTEGFkZ2FuZy5hYXJodXMuZGsxQTA/BgNV YXJodXMxEDAOBgNVBAgTB0Rlbm1hcmsxCzAJBgNVBAYTAkRLMIGfMA0GCSqGSIb3...... DQEBAQUAA4GNADCBiQKBgQCkYcQFJW2SENfTEfA+4BVoM+/AubBX3HYY4uf/i/id bbtvgubmlj6uouxipgghivkep2iwf4gx+jkevh+8haougjjtbla= -----END NEW CERTIFICATE REQUEST----- 31

SSL Certificates API Guide </data_block> </body> </OPS_envelope> Response XML <?xml version='1.0' encoding='utf-8'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="version">1.2.0 <item key="is_success">1 <item key="response_code">200 <item key="response_text">request completed successfully <item key="session_id">osrs-2576180 <item key="action">parse:reply <item key="object">csr <item key="attributes"> <item key="product_data"> <item key="csr_data"> <item key="state">xxxx <item key="organization">acme Ltd. <item key="valid_quick_domain">1 <item key="country">us <item key="has_bad_extensions">0 32

The CSR object <item key="organization_unit">xxxxxx <item key="domain">example.com <item key="valid_true_domain">1 <item key="email">svd@example.com <item key="locality">xxxxx <item key="service">cert <item key="response_text">request completed successfully <item key="object_type">csr <item key="response_code">200 </data_block> </body> </OPS_envelope> 33

Resend Approver or Certificate Email This command enables you to resend the Approver email or the email containing the SSL Certificate. Note: You cannot request both the Approver email and the SSL Certificate email for the same Certificate using the same, single command. In order to request the SSL Certificate email, the order must be completed. Request Keys manage_items Parameter Allowed Values: manage_items Associative array Associative array for managing an order item. Required. Within the attributes associative array. Values are variable. product_data Parameter Allowed Values: product_data Associative array Contains the parameters (for example, resend email-type) for each Certificate. Required. Within the manage_items associative array. Values are variable. subaction Parameter Allowed Values: subaction String action Required. Within the product_data associative array. resend_email 34

Resend Approver or Certificate Email param Parameter Allowed Values: param String Identifies which email (Approver or SSL Certificate) to resend. Required. Within the product_data associative array. ApproverEmail or FulfillmentEmail Request Perl { 'protocol' => 'TPP', 'action' => 'update', 'object' => 'order', 'requestor' => { 'password' => 'asecret', 'username' => 'stevenvand' 'attributes' => { 'object_type' => 'approver', 'order_id' => '14737', 'cancel_items' => [ {} ], 'service' => 'cert', 'create_items' => [ {} ], 'manage_items' => [ { 'product_data' => { 'subaction' => 'resend_email', 'param' => 'ApproverEmail' 35

SSL Certificates API Guide 'service' => 'cert', 'item_id' => '18464' } ], 'update_items' => [ {} ] } }; Response PERL { 'protocol' => 'TPP', 'version' => '1.4.0', 'session_id' => 'OSRS-5575809', 'action' => 'UPDATE:REPLY', 'object' => 'ORDER', 'response_code' => '200', 'is_success' => '1', 'response_text' => 'Request completed successfully', 'attributes' => { 'price' => '6900', 'update_items' => [], 'reverse_items' => [] 'contacts' => [], 'client_reference' => '', 'status' => 'reserved', 'order_id' => '14737', 'cancel_items' => [], 'create_items' => [], 'manage_items' => [ { 'product_item' => { 'product_data' => { 'subaction' => 'resend_email', 36

Resend Approver or Certificate Email 'param' => 'ApproverEmail' 'response_text' => 'Request completed successfully', 'response_code' => '200', 'service' => 'cert' 'client_reference' => '', 'status' => '', 'contact_set' => { 'price' => '0', 'major_code' => '200', 'major_text' => 'Request completed successfully', 'item_id' => '18464' } ], } }; Request XML <?xml version='1.0' encoding='utf-8'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="action">update <item key="object">order <item key="requestor"> <item key="password">asecret <item key="username">stevenvand 37

SSL Certificates API Guide <item key="attributes"> <item key="service">cert <item key="object_type">approver <item key="order_id">14737 <item key="manage_items"> <dt_array> <item key="0"> <item key="service">cert <item key="product_data"> <item key="subaction">resend_email <item key="param">approveremail <item key="item_id">18464 </dt_array> <item key="cancel_items"> <dt_array> <item key="0"> <dt_assoc/> </dt_array> <item key="create_items"> <dt_array> <item key="0"> <dt_assoc/> </dt_array> 38

Resend Approver or Certificate Email <item key="update_items"> <dt_array> <item key="0"> <dt_assoc/> </dt_array> </data_block> </body> </OPS_envelope> Response XML <?xml version='1.0' encoding='utf-8' standalone='no'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="protocol">tpp <item key="version">1.4.0 <item key="action">update:reply <item key="object">order <item key="session_id">osrs-5575809 <item key="is_success">1 <item key="response_code">200 <item key="response_text">request completed successfully <item key="attributes"> <item key="order_id">14737 <item key="price">6900 39

SSL Certificates API Guide successfully <item key="client_reference"/> <item key="status">reserved <item key="manage_items"> <dt_array> <item key="0"> <item key="status"/> <item key="contact_set"> <dt_assoc/> <item key="major_code">200 <item key="item_id">18464 <item key="price">0 <item key="client_reference"/> <item key="product_item"> <item key="service">cert <item key="product_data"> <item key="subaction">resend_email successfully <item key="param">approveremail <item key="response_code">200 <item key="major_text">request completed </dt_array> <item key="create_items"> <dt_array/> 40

Resend Approver or Certificate Email <item key="reverse_items"> <dt_array/> <item key="update_items"> <dt_array/> <item key="contacts"> <dt_array/> <item key="cancel_items"> <dt_array/> </data_block> </body> </OPS_envelope> 41

Renew SSL Certificate Command A renewal order has the same format as a new order and parameter orderitem_type accepts a value for renewal as well as for new. Key Definitions for the create_items Associative Array inventory_item_id Parameter inventory_item_id int The inventory item ID of the SSL Certificate you want to renew. Required when orderitem_type = renewal. Allowed Values: create_items associative array Valid inventory item ID. orderitem_type Parameter Allowed Values: orderitem_type string The type of order, for example, renewal. Required. create_items associative array For renewal orders, use renewal. Examples Request Perl { 'protocol' => 'TPP', 'version' => '1.4.0', 'action' => 'CREATE', 'object' => 'ORDER', 'requestor' => { 'username' => 'robson' 'attributes' => { 42

Renew SSL Certificate Command 'contacts' => [ { 'id' => '102' { 'id' => '102' { 'id' => '102' } ], 'create_items' => [ { 'product_data' => { 'server_count' => '1', 'approver_email' => 'support_preprod@geotrust.com', 'period' => '1', 'csr' => ' -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAw DgYDVQQHEwdUb3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgw FgYDVQQDEw9jb3JlbG9naWMwLmluZm8xHzAdBgkqhkiG9w0BCQEWEHBhdmVsQHR1 Y293cy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALKNXdEUmJ2CpLLg 1Qf1A3OItIldstCjQxNwtojiqWOrzG49mKB0SDSV3ny+OOyv1BhshFlvHM9CSeqn wtcnpekguuw1+q0ucvgeuuolm0lu35ppprhiir4zmohctqq40uk+z4dth2nzq8dl /r53rtrrylwrccrxd0ns6ykvdqivagmbaaggadanbgkqhkig9w0baqqfaaobgqa6 kbfksh30bcev903hkbwmszhngkkkwhp3gz/hzumfdelr6zf3alab7wa4zctf0zz5 4b1r2txzHdf45gctJiL22hdZQQcJZ1q0ed2yMUyaPQHqOUYng9ZthZxmLmVzv7/N /yvbd0pjhv1omew1qtzxukbudbqubt+ce19ufwv5iw== -----END CERTIFICATE REQUEST----- ', 'server_type' => 'apacheopenssl' 'object_type' => 'starterssl', 43

SSL Certificates API Guide 'contact_set' => { 'admin' => '0', 'tech' => '2', 'billing' => '1' 'orderitem_type' => 'renewal', 'service' => 'cert', 'inventory_item_id' => '49653' } ], 'cancel_items' => [], 'update_items' => [], 'user_id' => '1003', 'handling' => 'save' } }; Response Perl { 'protocol' => 'TPP', 'version' => '1.4.0', 'action' => 'create:reply', 'object' => 'order', 'session_id' => 'OSRS-330325', 'is_success' => '1', 'response_code' => '200', 'response_text' => 'Request completed successfully', 'attributes' => { 'contacts' => [ { 'duns' => '150483782', 'client_reference' => '', 'address3' => '', 'org_name' => 'Acme Ltd.', 'state' => 'NY', 'last_name' => 'Sanford', 44

Renew SSL Certificate Command 'email' => 'svd@example.com', 'city' => 'New York', 'response_text' => 'Request completed successfully', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'contact_id' => '102', 'country' => 'US', 'phone' => '+1.4165551212', 'response_code' => '200', 'address2' => 'Suite 1200', 'address1' => '65 State St.', 'title' => 'Mr.', 'first_name' => 'Steven' { 'duns' => '150483782', 'client_reference' => '', 'address3' => '', 'org_name' => 'Acme Ltd.', 'state' => 'NY', 'last_name' => 'Sanford', 'email' => '', 'city' => 'New York', 'response_text' => 'Request completed successfully', 'postal_code' => '90210', 'fax' => '+1.4165551234', 'url' => 'www.example.com', 'contact_id' => '102', 'country' => 'US', 'phone' => '+1.4165551212', 'response_code' => '200', 'address2' => '', 'address1' => '65 State St.', 'title' => 'Mr.', 45

SSL Certificates API Guide 'first_name' => 'Steven' { 'duns' => '150483782', 'client_reference' => '', 'address3' => '', 'org_name' => '', 'state' => '', 'last_name' => '', 'email' => '', 'city' => '', 'response_text' => 'Request completed successfully', 'postal_code' => '', 'fax' => '', 'url' => '', 'contact_id' => '102', 'country' => '', 'phone' => '', 'response_code' => '200', 'address2' => '', 'address1' => '', 'title' => '', 'first_name' => '' } ], 'client_reference' => '', 'create_items' => [ { 'client_reference' => '', 'status' => 'validated', 'major_code' => '200', 'item_id' => '61824', 'term' => '1', 'product_item' => { 'product_data' => { 46

Renew SSL Certificate Command 'approver_email' => 'support_preprod@geotrust.com', 'server_count' => '1', 'period' => '1', 'csr' => ' -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAw DgYDVQQHEwdUb3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgw FgYDVQQDEw9jb3JlbG9naWMwLmluZm8xHzAdBgkqhkiG9w0BCQEWEHBhdmVsQHR1 Y293cy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALKNXdEUmJ2CpLLg 1Qf1A3OItIldstCjQxNwtojiqWOrzG49mKB0SDSV3ny+OOyv1BhshFlvHM9CSeqn wtcnpekguuw1+q0ucvgeuuolm0lu35ppprhiir4zmohctqq40uk+z4dth2nzq8dl /r53rtrrylwrccrxd0ns6ykvdqivagmbaaggadanbgkqhkig9w0baqqfaaobgqa6 kbfksh30bcev903hkbwmszhngkkkwhp3gz/hzumfdelr6zf3alab7wa4zctf0zz5 4b1r2txzHdf45gctJiL22hdZQQcJZ1q0ed2yMUyaPQHqOUYng9ZthZxmLmVzv7/N /yvbd0pjhv1omew1qtzxukbudbqubt+ce19ufwv5iw== -----END CERTIFICATE REQUEST----- ', 'server_type' => 'apacheopenssl' 'object_type' => 'starterssl', 'service' => 'cert' 'contact_set' => { 'admin' => '102', 'tech' => '102', 'billing' => '102' 'price' => '6900', 'ancillary_price' => '0', 'major_text' => 'Request completed successfully' } ], 'status' => 'pending-process', 'order_id' => '47156', 'price' => '6900' 47

SSL Certificates API Guide }; } Request XML <?xml version='1.0' encoding="utf-8" standalone="no"?> <OPS_envelope> <header> <version>0.9</version> </header> <body> <data_block> <item key="version">1.4.0 <item key="protocol">tpp <item key="action">create <item key="object">order <item key="attributes"> <item key="user_id">1003 <item key="create_items"> <dt_array> <item key="0"> <item key="contact_set"> <item key="tech">2 <item key="admin">0 <item key="billing">1 <item key="inventory_item_id">49653 <item key="service">cert <item key="product_data"> <item key="period">1 <item key="csr"> 48

Renew SSL Certificate Command -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAw DgYDVQQHEwdUb3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgw FgYDVQQDEw9jb3JlbG9naWMwLmluZm8xHzAdBgkqhkiG9w0BCQEWEHBhdmVsQHR1 Y293cy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALKNXdEUmJ2CpLLg 1Qf1A3OItIldstCjQxNwtojiqWOrzG49mKB0SDSV3ny+OOyv1BhshFlvHM9CSeqn wtcnpekguuw1+q0ucvgeuuolm0lu35ppprhiir4zmohctqq40uk+z4dth2nzq8dl /r53rtrrylwrccrxd0ns6ykvdqivagmbaaggadanbgkqhkig9w0baqqfaaobgqa6 kbfksh30bcev903hkbwmszhngkkkwhp3gz/hzumfdelr6zf3alab7wa4zctf0zz5 4b1r2txzHdf45gctJiL22hdZQQcJZ1q0ed2yMUyaPQHqOUYng9ZthZxmLmVzv7/N /yvbd0pjhv1omew1qtzxukbudbqubt+ce19ufwv5iw== -----END CERTIFICATE REQUEST----- <item key="approver_email">support_preprod@geotrust.com <item key="server_type">apacheopenssl <item key="server_count">1 <item key="orderitem_type">renewal <item key="object_type">starterssl </dt_array> <item key="update_items"> <dt_array/> <item key="contacts"> <dt_array> <item key="0"> <item key="id">102 49

SSL Certificates API Guide <item key="1"> <item key="id">102 <item key="2"> <item key="id">102 </dt_array> <item key="cancel_items"> <dt_array/> <item key="handling">save <item key="requestor"> <item key="username">orange </data_block> </body> </OPS_envelope> Response XML <?xml version='1.0' encoding='utf-8'?> <OPS_envelope> <header> <version>0.9</version> </header> <body> 50

Renew SSL Certificate Command <data_block> <item key="protocol">tpp <item key="version">1.4.0 <item key="action">create:reply <item key="object">order <item key="response_text">request completed successfully successfully <item key="response_code">200 <item key="is_success">1 <item key="session_id">osrs-330325 <item key="attributes"> <item key="contacts"> <dt_array> <item key="0"> <item key="phone"/> <item key="response_text">request completed <item key="contact_id">102 <item key="title"/> <item key="postal_code"/> <item key="org_name"/> <item key="address1"/> <item key="last_name"/> <item key="fax"/> <item key="duns">150483782 <item key="address2"/> <item key="country"/> <item key="response_code">200 <item key="client_reference"/> <item key="url"/> <item key="email"/> <item key="address3"/> <item key="state"/> 51

SSL Certificates API Guide <item key="first_name"/> <item key="city"/> <item key="1"> <item key="phone"/> <item key="response_text">request completed successfully <item key="contact_id">102 <item key="title"/> <item key="postal_code"/> <item key="org_name"/> <item key="address1"/> <item key="last_name"/> <item key="fax"/> <item key="duns">150483782 <item key="address2"/> <item key="country"/> <item key="response_code">200 <item key="client_reference"/> <item key="url"/> <item key="email"/> <item key="address3"/> <item key="state"/> <item key="first_name"/> <item key="city"/> <item key="2"> <item key="phone"/> <item key="response_text">request completed successfully <item key="contact_id">102 <item key="title"/> 52

Renew SSL Certificate Command <item key="postal_code"/> <item key="org_name"/> <item key="address1"/> <item key="last_name"/> <item key="fax"/> <item key="duns">150483782 <item key="address2"/> <item key="country"/> <item key="response_code">200 <item key="client_reference"/> <item key="url"/> <item key="email"/> <item key="address3"/> <item key="state"/> <item key="first_name"/> <item key="city"/> </dt_array> <item key="create_items"> <dt_array> <item key="0"> <item key="term">1 <item key="price">6900 <item key="major_code">200 <item key="client_reference"/> <item key="major_text">request completed successfully <item key="ancillary_price">0 <item key="status">validated <item key="item_id">61824 <item key="product_item"> <item key="service">cert 53

SSL Certificates API Guide <item key="object_type">starterssl <item key="product_data"> <item key="csr"> -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRAw DgYDVQQHEwdUb3JvbnRvMQ8wDQYDVQQKEwZUdWNvd3MxCzAJBgNVBAsTAlFBMRgw FgYDVQQDEw9jb3JlbG9naWMwLmluZm8xHzAdBgkqhkiG9w0BCQEWEHBhdmVsQHR1 Y293cy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALKNXdEUmJ2CpLLg 1Qf1A3OItIldstCjQxNwtojiqWOrzG49mKB0SDSV3ny+OOyv1BhshFlvHM9CSeqn wtcnpekguuw1+q0ucvgeuuolm0lu35ppprhiir4zmohctqq40uk+z4dth2nzq8dl /r53rtrrylwrccrxd0ns6ykvdqivagmbaaggadanbgkqhkig9w0baqqfaaobgqa6 kbfksh30bcev903hkbwmszhngkkkwhp3gz/hzumfdelr6zf3alab7wa4zctf0zz5 4b1r2txzHdf45gctJiL22hdZQQcJZ1q0ed2yMUyaPQHqOUYng9ZthZxmLmVzv7/N /yvbd0pjhv1omew1qtzxukbudbqubt+ce19ufwv5iw== -----END CERTIFICATE REQUEST----- <item key="period">1 <item key="server_count">1 <item key="approver_email">support_preprod@geotrust.com <item key="server_type">apacheopenssl <item key="contact_set"> <item key="billing">102 <item key="tech">102 <item key="admin">102 54

Renew SSL Certificate Command </dt_array> <item key="price">6900 <item key="client_reference"/> <item key="status">pending-process <item key="order_id">47156 </data_block> </body> </OPS_envelope> 55

SSL Certificate Error Codes The following table lists the SSL Certificates error codes with an explanation of the error. Error code Corresponding error message SSL Certificate 20004 Can't get supplier client from pool 20008 Database error occurred 20005 Invalid data 20006 Data is missing 20007 Validation Failed 20019 CSR Invalid 20020 CSR can not be parsed 20021 CSR signature invalid 20022 CSR Country code invalid 20023 Contains unsupported extensions 20024 CSR Invalid CN - Invalid characters 20025 CSR Invalid CN - Appears to be an IP address 20026 CSR Invalid CN - Does not contain at least one period 20027 CSR Invalid CN - Wildcard not supported 20028 CSR restricted string found 20029 Invalid field in CSR 20030 Required field missing in CSR 20031 CSR Invalid - CN ends with dot 20032 CSR Invalid CN - CN is too short 20033 CSR Invalid - maximum length exceeded Contact 10545 Contact not found 11002 Field(s) too long 11001 Missing required field(s) 11003 Syntax Error General 200 Command completed successfully 56

SSL Certificate Error Codes Error code Corresponding error message 300 Async Request has been sent 500 Internal Server Error 9000 Invalid Contact Id 9001 Missing mandatory contact list 9002 The action is not supported 9003 The object is not supported 9004 Communication Error during mutable operation 9005 Communication Error during immutable operation 9006 Integrity/Inconsistency in DB found 9007 Request not accepted by supplier 9008 Unsupported custom action 9009 Required attribute is missing 9010 Invalid attribute value 10501 Invalid reseller 10508 Action not implemented 10509 Invalid order item 10510 Database Inconsistent 10511 Object not found 57

Revisions and Updates April 28,2009 Added the following SSL types to the object_type parameter: "truebizidev", "securesite", "securesitepro", "securesiteev", "securesiteproev", "ssl123", "sgcsupercerts", "sslwebserver", "sslwebserverwildcard", "sslwebserverev", "verisigncsc", and "thawtecsc". Incremented version number to 3.0. February 29, 2008 Replaced the term Digital Certificates with SSL Certificates. September 5, 2006 Incremented document version number to 2.9.6. Updated Modification of Order Items section to indicate that, for updates, username is required. This functionality is available on the Horizon system on August 29, 2006, and will be live on September 5, 2006. Updated Key Definitions for the contact-set Associative Array to indicate that the fax number is optional for True Business ID. This functionality is available on the Horizon system on August 29, 2006, and will be live on September 5, 2006. June 5, 2006 Incremented document version number to 2.9.5. Added examples for Create Order command, and added definition for special_instructions parameter. January 26, 2006 Incremented document version number to 2.9.4. Added command Renew Certificate with examples. June 20, 2005 Incremented document version number to 2.9.0. May 10, 2004 Revised document versioning system, whereby the version number of all documents is incremented to match the version number of the OpenSRS Client Code. The version number of this document may not increment sequentially. 58

Revisions and Updates Character limit for RWI 2 username and respective password has changed. Usernames must be 1 256 characters; passwords must be 3 256. RWI 2 user passwords cannot contain special characters. Creation of a new user will fail if you attempt to submit "!", "@", or "#" in the password. Added new command, Resend Approver or Certificate Email, which resends the Approver email or the email containing the Digital Certificate, sent by GeoTrust. Updated Error Codes section to include CSR error codes. October 29, 2003 Implemented document versioning system, whereby version number changed to 2.1.9. This is the starting number for the new versioning system and does not indicate any major changes to the documentation or the product. Future version number changes will indicate a change to the product. October 22, 2003 Added new command, The Parse Operation, which enables the parsing of CSRs. September 23, 2003 Added error codes. 59

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information