For partners

/
/
/
/
Reselling SSL certificates

Reselling SSL certificates

This article contains API requests that allow you to work with certificates at https://api-eu.ispmanager.com

SSL certificate ID's
NameFor Russian clients (pricelist)For foreign clients (pricelist)
GlobalSign EV SSL5533055352
GlobalSign OrganizationSSL WildCard5532955351
GlobalSign OrganizationSSL5532855350
GlobalSign DomainSSL Wildcard5532755349
GlobalSign DomainSSL5532655348
AlphaSSL Wildcard5532555347
AlphaSSL5532455346
Comodo EV SSL certificate5515355153
Comodo PositiveSSL Wildcard2765027650
Comodo PositiveSSL Multi Domain (включено 3 домена)2764827648
Comodo Positive SSL30333033
Comodo Premium WildCard20282028
Comodo Essential SSL WildCard20272027
Comodo Instant SSL20262026
Comodo Essential SSL20252025
DigiСert Secure Site with EV20232023
DigiСert Secure Site20212021
GeoTrust True BusinessID WildCard20202020
GeoTrust True BusinessID20192019
GeoTrust DV SSL20182018
Thawte SSL Web Server with EV20152015
Thawte SSL Wildcard20142014
Thawte SSL Web Server20122012
GeoTrust True BusinessID with EV10321032
Thawte SSL12310131013
RapidSSL Wildcard10121012
RapidSSL10111011

Available actions:

  1. Order SSL-certificate
  2. Order SSL certificate with an existing CSR
  3. Issue an existing certificate
  4. Reissue certificate
  5. Delete certificate
  6. Get a list of countries with digital codes
  7. Receive data to confirm SSL certificate
  8. Re-request for DNS validation
  9. Re-request for email validation

API address of ispmanager billing system: https://api-eu.ispmanager.com.

Authorization in the system is performed using the parameter authinfo, which takes the value authinfo=EMAIL:PASSWORD, where:

To order certificates for multiple domains, you must pass additional domains written with a space in the altname and altname_input parameters.

Examples of ordering a secret key and SSL certificate for multiple domains. The remaining queries are generated in the same way as the examples.

For GET requests use "%20" instead of a space to correctly process the request; for POST-requests the space is kept.

Order SSL certificate

Ordering SSL-certificate consists of 2 steps:

  1. Get the secret key or Get the secret key for multiple domains.
  2. Order SSL certificate or Order an SSL certificate for multiple domains.

Get the secret key

To get the secret key, send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&sok=ok&snext=ok&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL

The order is made using the certificate.order.csr function, which has the parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • field_country – country code (182 - Russia);
  • period – period in months (12 or 24);
  • pricelist – tariff plan ID (see Table of certificate ID's );
  • CN – domain;
  • ST – region;
  • L – city;
  • O – organization;
  • OU – department (optional);
  • emailAddress – e-mail (optional).

If the response is successful, the model.csr and model.key fields will contain the request and the key, which must be saved for future use.

Get the secret key for multiple domains

To get the secret key for multiple domains, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&sok=ok&snext=ok&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&altname_input=example1.com%20example2.com&altname=example1.com%20example2.com

Order SSL certificate

To order an SSL certificate, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&approver_email_1=EMAIL&csr=CSR&key=KEY

The order is executed using the certificate.order.param function, which contains the following parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • skipbasket – when passing the value on, adding to cart will be skipped, and the payment will be immediately debited from the personal account;
  • field_country – country code (182 - Russia);
  • period – period in months(12 или 24);
  • pricelist – tariff plan ID (see Table of certificate ID's);
  • CN – domain;
  • ST – region;
  • L – city;
  • O – organization;
  • OU – department (optional);
  • emailAddress – e-mail (optional);
  • adm_fname – the administrative contact name;
  • adm_lname – the administrative contact last name;
  • adm_jtitle – the administrative contact position;
  • adm_email – the administrative contact e-mail;
  • adm_phone – the administrative contact phone number;
  • tech_fname – the technical contact name;
  • tech_lname – the technical contact last name;
  • tech_jtitle – the technical contact position;
  • tech_email – the technical contact e-mail;
  • tech_phone – the technical contact phone number;
  • approver_email_1 – the email address for certificate confirmation; this e-mail must be one of the following, where DOMAIN - the domain, sent in the CN parameter:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN;
  • csr - the csr key received when getting a secret key;
  • key - the key received when getting a secret key.

Order SSL certificate for multiple domains

To order an SSL certificate for multiple domains, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=generate&field_country=COUNTRY&period=12&pricelist=PRICELIST&CN=DOMAIN&ST=REGION&L=CITY&O=ORGANIZATION&OU=ORG_UNIT&emailAddress=EMAIL&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&csr=CSR&key=KEY&altname_input=example1.com%20example2.com&altname=example1.com%20example2.com&approver_email_1=EMAIL&approver_email_2=EMAIL2&approver_email_3=EMAIL3&addon_55364=2

If the domain is verified by email, you need to pass the parameters approver_email_n with the value of email for verification, where n is the order of domains (1 is the main one, and 2, 3, etc. are the additional ones).

So, it is necessary to additionally pass approver_email_2 and approver_email_3 The rules for them are the same as for approver_email_1, but the domain must match the domain from the alt name parameter. For example, in the request above approver_email_2 could be admin@example1.com, administrator@example1.com, etc.

Also, in the addon_{SSL code} parameter, you must pass the number of domains that were recorded as additional.

In the example request above – addon_55364=2. where:
  • 55364 – means ordering a multi-domain certificate from GlobalSign DomainSSL;
  • 2 –2 additional domains in the certificate.

Order SSL certificate with an existing CSR

To order an SSL certificate, you need to send the following request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.param&sok=ok&skipbasket=on&crt_type=manual&period=12&pricelist=PRICELIST&adm_fname=NAME&adm_lname=LASTNAME&adm_jtitle=POSITION&adm_email=EMAIL&adm_phone=PHONE&tech_fname=NAME&tech_lname=LASTNAME&tech_jtitle=POSITION&tech_email=EMAIL&tech_phone=PHONE&approver_email_1=EMAIL&csr=CSR

The order is executed using the certificate.order.param function, which contains the following parameters:

  • authinfo – billing access data in EMAIL:PASSWORD format;
  • skipbasket – when passing the value on, adding to cart will be skipped, and the payment will be immediately debited from the personal account;
  • period – period in months (12 or 24);
  • pricelist – tariff plan (see Table of certificate ID's);
  • adm_fname – the administrative contact name;
  • adm_lname – the administrative contact last name;
  • adm_jtitle – the administrative contact position;
  • adm_email – the administrative contact e-mail;
  • adm_phone – the administrative contact phone number;
  • tech_fname – the technical contact name;
  • tech_lname – the technical contact last name;
  • tech_jtitle – the technical contact position;
  • tech_email – the technical contact e-mail;
  • tech_phone – the technical contact phone number;
  • approver_email_1 –the email address for certificate confirmation; this e-mail must be one of the following, where DOMAIN - the domain, sent in the CN parameter:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN;
  • csr - csr key.

Download an existing certificate

The existing SSL certificate download is performed with the certificate.file function. ORDER_ID is the certificate ID.

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&func=certificate.file&elid=ORDER_ID&type=crt

Reissue certificate

The SSL certificate reissue is performed with the certificate.reissue function. The elid parameter defines the certificate to be reissued

To reissue an SSL certificate, you need to send a request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={ID сертификата}&crt_type=oldrequest&approver_method=auth_email&sok=ok&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation
approver_email_{domain index} — used to specify mail when reissuing a certificate with additional domains. The index of the main domain is 1, for additional domains the index starts from 2. On reissue crt_type=oldrequest, the order of the index for approver_email is determined based on the order of the additional domains in the altname node received in the response to the request func=certificate.edit&elid={certificate ID}.

To reissue an SSL certificate with a new CSR, you need to send a request:

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={certificate ID}&crt_type=manual&approver_method=auth_email&sok=ok&csr={urlencoded CSR}&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation
approver_email_{domain index} — used to specify mail when reissuing a certificate with additional domains. The index of the main domain is 1, for additional domains the index starts from 2. On reissue crt_type=oldrequest, the order of the index for approver_email is determined based on the order of the additional domains in the altname node received in the response to the request func=certificate.edit&elid={certificate ID}.

To reissue an SSL certificate indicating new domains, you need to send a request: 

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.reissue.step2&elid={certificate ID}&crt_type=altname&approver_method=auth_email&sok=ok&altname={urlencoded list of additional domains with a space}&approver_email_1={email to confirm main domain}&approver_email_{i}={email to confirm additional domain}
Explanation
approver_email_{domain index} — used to specify mail when reissuing a certificate with additional domains. The index of the main domain is 1, for additional domains the index starts from 2. When reissuing with new domains, crt_type=altname, the index for approver_email is determined by the position of the additional domain in the altname parameter. For example, if altnames=ex1.com http://ex2.com, then approver_email_2 is the confirmation email http://ex1.com, approver_email_3 is the confirmation email http://ex2.com).

Delete certificate

The certificate is deleted using the certificate.delete. function. The elid parameter specifies the certificate to be deleted.

To delete an SSL certificate, you need to send the following request: 

https://api-eu.ispmanager.com/manager/billmgr?authinfo=USER:PASSWD&out=xml&func=certificate.delete&elid=<license code>&sok=ok

Get the list of countries with digital codes

It is possible to find out the current list of countries with their corresponding identifiers using the certificate.order.csr. function.

https://api-eu.ispmanager.com/billmgr?authinfo=EMAIL:PASSWORD&out=bjson&func=certificate.order.csr&period=12&pricelist=PRICELIST

A successful response will contain:

  • k – country ID;
  • v – country name.

Get data for SSL certificate validation

To get data for SSL certificate validation, you need to send the following request, where ORDER_ID – is the certificate ID:

https://api-eu.ispmanager.com/billmgr?func=certificate.edit&elid=ORDER_ID&out=text

Data for DNS TXT

The value will be specified in the auth_dnstxt_value parameter in the response to the request specified above.

Data for File

There are two possible ways:

  • in the response received to the query above, find the file name in the auth_file_name parameter, and the file content in the auth_file_value parameter
  • to get a file with the corresponding records by executing a request, where ORDER_ID is the ID of the certificate:
https://api-eu.ispmanager.com/billmgr?func=certificate.file&elid=ORDER_ID&type=auth_file

Data for CNAME

In the above query response, find the name in theauth_cname_name parameter and the value in the auth_cname_value parameter.

Re-request for DNS validation

To get the data, send a request where ORDER_ID is the certificate identifier:

https://api-eu.ispmanager.com/billmgr?domains=DOMAIN&func=certificate.dns_verify&sok=ok&elid=ORDER_ID

Re-request for email validation

To get the data, send the following request: 

https://api-eu.ispmanager.com/billmgr?func=certificate.domain_validation_email&sok=ok&elid=ORDER_ID&approver_email_1=EMAIL

Where:

  • ORDER_ID – certificate ID;
  • EMAIL – email address to confirm the certificate; this address must be one of the following:
    • admin@DOMAIN;
    • administrator@DOMAIN;
    • hostmaster@DOMAIN;
    • postmaster@DOMAIN;
    • webmaster@DOMAIN.

 

In this article