# Global Certificate Management

# Create a Global Certificate

# Description

Create a Global Certificate

# URI

POST /admin-api/global/1/certs

# URI Parameters

  • label:

    type: string

    required: no

    description: label for the certificate

  • server_cert

    type: string

    required: no (when attempting to manually upload a certificate, it's required)

    description: end-entity certificate in pem format

  • priv_key

    type: string

    required: no (when attempting to manually upload a certificate, it's required)

    description: private key in pem format

  • cert_chain:

    type: string

    required: no

    description: certificate chain, usually no need to upload

  • client_verify

    type: boolean

    required: no

    description: Whether the certificate is used for client certificate validation, the default value is false.

  • ca_cert

    type: string

    required: no (when attempting to enable client_verify, it's required)

    description: the field is required when using client certificate verification. The client certificate is signed using this ca

  • acme_host

    type: string

    required: no (when attempting to issue certificate via ACME, it's required)

    description: signing a certificate using acme, only wildcard domain name can be signed here.

  • acme_providers

    type: integer

    required: no

    description: use the certificate issuer that supports ACME as defined in the global configuration. If not specified, Let's Encrypt will be used

# Example Request

# Shell

curl -X POST \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/certs \
  -d '{"acme_host":"*.example.com"}'

# Example Response

Status: 200 OK
{
  "data": {"id": 1},
  "status": 0
}

# Get the global certificate list

# Description

Get the global certificate list

# URI

GET /admin-api/global/1/certs

# Example Request

# Shell

curl \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/certs

# Example Response

Status: 200 OK
{
  "data": [
    {
      "client_verify": false,
      "id": 1,
      "server_cert": "-----BEGIN CERTIFICATE----- xxxx",
      "acme_host": "*.example.com",
      "expdate": 123456789
    }
  ],
  "status": 0
}

# Update the Global certificate

# Description

Update the Global certificate

# URI

PUT /admin-api/global/1/certs/{cert_id}

# Example Request

# Shell

curl -X PUT \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/certs/1 \
  -d '{"acme_host": "*.test.com"}'

# Example Response

Status: 200 OK
{"status":0}

# Delete the certificate from global

# Description

Delete the certificate from global

# URI

DELETE /admin-api/global/1/certs/{cert_id}

# Example Request

# Shell

curl -X DELETE \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/certs/1 \

# Example Response

Status: 200 OK
{ "status": 0 }

# Create ACME Provider

# Description

Create ACME Provider

# URI

POST /admin-api/global/1/acme_providers

# URI Parameters

  • name

    type: string

    required: yes

    description: name of ACME Provider

  • endpoint

    type: string

    required: yes

    description: endpoint(URI) of ACME Provider

  • eab_kid

    type: string

    required: yes

    description: EAB_KEY_ID field of ACME Provider

  • eab_hmac_key

    type: string

    required: yes

    description: EAB_HMAC_KEY field of ACME Provider

  • email

    type: string

    required: no

    description: email address

# Example Request

# Shell

curl -X POST \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/acme_providers \
  -d '{"name":"ZeroSSL","endpoint": "https://acme.zerossl.com/v2/DV90","eab_kid":"EAB_KEY_ID","eab_hmac_key":"EAB_HMAC_KEY"}'

# Example Response

Status: 200 OK
{
  "data": {"id": 1},
  "status": 0
}

# Get the ACME Provider list

# Description

Get the ACME Provider list

# URI

GET /admin-api/global/1/acme_providers

# Example Request

# Shell

curl \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/acme_providers

# Example Response

Status: 200 OK
{
  "data": [
    {
      "id": 1,
      "name": "ZeroSSL",
      "endpoint": "https://acme.zerossl.com/v2/DV90",
      "eab_kid": "EAB_KEY_ID",
      "eab_hmac_key": "EAB_HMAC_KEY"
    }
  ],
  "status": 0
}

# Update the ACME Provider

# Description

Update the ACME Provider

# URI

PUT /admin-api/global/1/acme_providers/{provider_id}

# Example Request

# Shell

curl -X PUT \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/acme_providers/1 \
  -d '{"eab_kid":"EAB_KEY_ID_2"}'

# Example Response

Status: 200 OK
{"status":0}

# Delete the ACME Provider

# Description

Delete the ACME Provider

# URI

DELETE /admin-api/global/1/acme_providers/{provider_id}

# Example Request

# Shell

curl -X DELETE \
  -H "API-Token: 1df87165-3593-4eca-a910-9ac20005e6ec" \
  http://{admin-site}/admin-api/global/1/acme_providers/1 \

# Example Response

Status: 200 OK
{"status": 0}