Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Webhosting24 Wiki
Search
Search
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
SSL
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Special pages
Page information
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Sidebar}} <div style="font-size: 150%;">'''SSL API'''</div><br/> <p> {{Warnbox|'''UPDATE 17-01-2019''': Comodo has been rebranded to Sectigo. Go to [https://wiki.hexonet.net/wiki/Comodo_is_now_Sectigo this page] to learn more about it.}} {{Warnbox|'''UPDATE 23-02-2023''': Symantec has been rebranded to DigiCert.}} == Features == * Order SSL certificates without having to provide contact data - given the domain name, we will retrieve the required contact information from the WHOIS * Order SSL certificates without having to create a CSR first - we take care of this for you * Order SSL certificates using contact handles - just like in domain commands * Use advanced validation methods - instead of confirming emails, you can prove that you have control over a domain by a simple DNS or web content modification * Have your SSL certificate orders validated automatically - using DNSZONE validation and HEXONET's DNS Services Additional information on purchasing and configuring SSL certificates may be found [[#Additional information|below]]. == List of all SSL Certificates == {| class="wikitable" style="width:100% !important" |- ! scope="col" style="text-align:left; border:1px solid darkgray" | Provider ! scope="col" style="text-align:left; border:1px solid darkgray" | Name ! scope="col" style="text-align:left; border:1px solid darkgray" | Class ! scope="col" style="text-align:left; border:1px solid darkgray" | Type ! scope="col" style="text-align:left; border:1px solid darkgray" | Additional Domains ! scope="col" style="text-align:left; border:1px solid darkgray" | Domain Control Validation (DCV) |- | style="text-align:left" | Sectigo || style="text-align:left" | Essential SSL || COMODO_ESSENTIALSSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | Sectigo || style="text-align:left" | Essential SSL Wildcard || COMODO_ESSENTIALSSL_WILDCARD || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | Sectigo || style="text-align:left" | EV SSL || COMODO_SSL_EV || style="text-align:left" | Extended Validation (EV) || - || EMAIL |- | style="text-align:left" | Sectigo || style="text-align:left" | Instant SSL || COMODO_INSTANTSSL || style="text-align:left" | Organization Validation (OV) || - || EMAIL |- | style="text-align:left" | Sectigo || style="text-align:left" | Instant SSL Premium || COMODO_INSTANTSSL_PREMIUM || style="text-align:left" | Organization Validation (OV) || - || EMAIL |- | style="text-align:left" | Sectigo || style="text-align:left" | Positive SSL || COMODO_POSITIVESSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | Sectigo || style="text-align:left" | Premium SSL Wildcard || COMODO_PREMIUMSSL_WILDCARD || style="text-align:left" | Organization Validation (OV) || Wildcard || EMAIL |- | style="text-align:left" | Sectigo || style="text-align:left" | DV SSL || COMODO_SSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | Sectigo || style="text-align:left" | DV SSL Wildcard || COMODO_SSL_WILDCARD || style="text-align:left" | Domain Validation (DV) || Wildcard || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Quick SSL || GEOTRUST_QUICKSSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Quick SSL Premium || GEOTRUST_QUICKSSLPREMIUM || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Quick SSL Premium || GEOTRUST_QUICKSSLPREMIUM || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Quick SSL Premium SAN Package || GEOTRUST_QUICKSSLPREMIUM_SAN || style="text-align:left" | Domain Validation (DV) || 4 subdomains || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Rapid SSL || GEOTRUST_RAPIDSSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | Rapid SSL Wildcard || GEOTRUST_RAPIDSSL_WILDCARD || style="text-align:left" | Domain Validation (DV) || Wildcard || EMAIL,DNSZONE,URL |- | style="text-align:left" | GeoTrust || style="text-align:left" | True Business ID || GEOTRUST_TRUEBIZID || style="text-align:left" | Organization Validation (OV) || - || EMAIL |- | style="text-align:left" | GeoTrust || style="text-align:left" | True Business ID SAN Package || GEOTRUST_TRUEBIZID_SAN || style="text-align:left" | Organization Validation (OV) || 4 - 100 domains || EMAIL |- | style="text-align:left" | GeoTrust || style="text-align:left" | True Business ID EV || GEOTRUST_TRUEBIZID_EV || style="text-align:left" | Extended Validation (EV) || - || EMAIL |- | style="text-align:left" | GeoTrust || style="text-align:left" | True Business ID EV SAN Package || GEOTRUST_TRUEBIZID_EV_SAN || style="text-align:left" | Extended Validation (EV) || 4 - 100 domains || EMAIL |- | style="text-align:left" | GeoTrust || style="text-align:left" | True Business ID Wildcard || GEOTRUST_TRUEBIZID_WILDCARD || style="text-align:left" | Organization Validation (OV) || Wildcard || EMAIL |- | style="text-align:left" | DigiCert || style="text-align:left" | Secure Site || SYMANTEC_SECURESITE || style="text-align:left" | Organization Validation (OV) || up to 24 domains || EMAIL |- | style="text-align:left" | DigiCert || style="text-align:left" | Secure Site EV || SYMANTEC_SECURESITE_EV || style="text-align:left" | Extended Validation (EV) || up to 24 domains || EMAIL |- | style="text-align:left" | DigiCert || style="text-align:left" | Secure Site Pro || SYMANTEC_SECURESITE_PRO || style="text-align:left" | Organization Validation (OV) || up to 24 domains || EMAIL |- | style="text-align:left" | DigiCert || style="text-align:left" | Secure Site Pro EV || SYMANTEC_SECURESITE_PRO_EV || style="text-align:left" | Extended Validation (EV) || up to 24 domains || EMAIL |- | style="text-align:left" | thawte || style="text-align:left" | SSL 123 || THAWTE_SSL123 || style="text-align:left" | Domain Validation (DV) || - || EMAIL,DNSZONE,URL |- | style="text-align:left" | thawte || style="text-align:left" | SSL Webserver || THAWTE_SSLWEBSERVER || style="text-align:left" | Organization Validation (OV) || up to 24 domains || EMAIL |- | style="text-align:left" | thawte || style="text-align:left" | SSL Webserver EV || THAWTE_SSLWEBSERVER_EV || style="text-align:left" | Extended Validation (EV) || up to 24 domains || EMAIL |- | style="text-align:left" | thawte || style="text-align:left" | SSL Webserver Wildcard || THAWTE_SSLWEBSERVER_WILDCARD || style="text-align:left" | Organization Validation (OV) || Wildcard || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Domain vetted SSL || TRUSTWAVE_DOMAINVETTEDSSL || style="text-align:left" | Domain Validation (DV) || - || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Premium SSL || TRUSTWAVE_PREMIUMSSL || style="text-align:left" | Organization Validation (OV) || - || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Premium SSL SAN Package || TRUSTWAVE_PREMIUMSSL_SAN || style="text-align:left" | Organization Validation (OV) || 5 domains || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Premium SSL EV || TRUSTWAVE_PREMIUMSSL_EV || style="text-align:left" | Extended Validation (EV) || - || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Premium SSL EV SAN Package || TRUSTWAVE_PREMIUMSSL_EV_SAN || style="text-align:left" | Extended Validation (EV) || 5 domains || EMAIL |- | style="text-align:left" | Trustwave || style="text-align:left" | Premium SSL Wildcard || TRUSTWAVE_PREMIUMSSL_WILDCARD || style="text-align:left" | Organization Validation (OV) || Wildcard || EMAIL |} == Using the SSL API == <br/><br/> = Order certificate (API) = '''Order certificate providing the domain name only''' <br> The contact data is [[SSL_Certificate_Contact_Data_Lookup|looked up in the WHOIS]]. The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> EOF </pre> <br> '''Order certificate with your own CSR''' <br> The domain is retrieved from the provided CSR. The contact data is [[SSL_Certificate_Contact_Data_Lookup|looked up in the WHOIS]]. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> csr0 = -----BEGIN CERTIFICATE REQUEST----- csr1 = ... ... EOF </pre> <br> '''Order certificate with contact handles''' <br> The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 =< CONTACT> billingcontact0 = <CONTACT> EOF </pre> <br> '''Order certificate using DNSZONE validation''' <br> Prove domain control by setting the returned CNAME record. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> validation0 = DNSZONE EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[VALIDATIONDNSRR][0] = abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>. EOF </pre> <br> '''Order certificate and have it validated automatically''' <br> This only works with the validation method DNSZONE and if HEXONET's DNS Services are used for the domain. Set INTERNALDNS=1 in order to have the returned CNAME record inserted into the DNS zone file automatically. Note that it will not be removed automatically after successful validation. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> validation0 = DNSZONE internaldns = 1 EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[VALIDATIONDNSRR][0] = abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>. PROPERTY[INTERNALDNS][0] = 1 EOF </pre> <br> '''Order certificate using URL validation''' <br> Prove domain control by placing a file with a certain content at the root of the domain. The name and content of the file to be used are returned by the command. The file must be readable via an HTTP request. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> validation0 = URL EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[VALIDATIONURL][0] = http://<DOMAIN>/abcde01234.txt PROPERTY[VALIDATIONURLCONTENT][0] = vwxyz56789 EOF </pre> <br> '''Order certificate using EMAIL validation and specifying explicitly the validation email addresses''' <br> By default, ''ownercontact0email'' is used as validation email address. Different validation email addresses can be specified by using the command parameter ''validationemail[0-N]''. This is particularly useful when a multi domain certificate is ordered. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = example1.com domain1 = example2.com validationemail0 = admin@example1.com validationemail1 = hostmaster@example2.com EOF </pre> <br> '''Order certificate specifying explicitly what contact data to put into the CSR''' <br> The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]] using the contact data provided in ''csrcontact0''. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> csrcontact0 = <CONTACT> EOF </pre> <br> '''Order certificate with plain contact data''' <br> This works just like for domain commands. The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> ownercontact0organization = <TEXT> | <NULL> ownercontact0firstname = <TEXT> | <NULL> ownercontact0lastname = <TEXT> | <NULL> ownercontact0street = <TEXT> | <NULL> ownercontact0city = <TEXT> | <NULL> ownercontact0state = <TEXT> | <NULL> ownercontact0zip = <TEXT> | <NULL> ownercontact0country = <TEXT> | <NULL> ownercontact0phone = <TEXT> | <NULL> ownercontact0fax = <TEXT> | <NULL> ownercontact0email = <TEXT> | <NULL> ownercontact0title = <TEXT> | <NULL> EOF </pre> <br> '''Order certificate with your own private key''' <br> The CSR is [[Automatic_SSL_Certificate_CSR_Creation|created automatically]] using the provided private key. <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> domain0 = <DOMAIN> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> pem0 = -----BEGIN RSA PRIVATE KEY----- pem1 = ... ... EOF </pre> <br> '''All parameters''' <pre> [COMMAND] command = CreateSSLCert sslcertclass = <CLASS> period = <INT> domain# = <DOMAIN> validation# = EMAIL | DNSZONE | URL validationemail# = <EMAIL> internaldns = 0 | 1 csr# = <TEXT> pem# = <TEXT> keylength = <INT> ownercontact0 = <CONTACT> ownercontact0organization = <TEXT> ownercontact0firstname = <TEXT> ownercontact0lastname = <TEXT> ownercontact0street = <TEXT> ownercontact0city = <TEXT> ownercontact0state = <TEXT> ownercontact0zip = <TEXT> ownercontact0country = <TEXT> ownercontact0phone = <TEXT> ownercontact0fax = <TEXT> ownercontact0email = <TEXT> ownercontact0title = <TEXT> admincontact0 = <CONTACT> admincontact0organization = <TEXT> admincontact0firstname = <TEXT> admincontact0lastname = <TEXT> admincontact0street = <TEXT> admincontact0city = <TEXT> admincontact0state = <TEXT> admincontact0zip = <TEXT> admincontact0country = <TEXT> admincontact0phone = <TEXT> admincontact0fax = <TEXT> admincontact0email = <TEXT> admincontact0title = <TEXT> techcontact0 = <CONTACT> techcontact0organization = <TEXT> techcontact0firstname = <TEXT> techcontact0lastname = <TEXT> techcontact0street = <TEXT> techcontact0city = <TEXT> techcontact0state = <TEXT> techcontact0zip = <TEXT> techcontact0country = <TEXT> techcontact0phone = <TEXT> techcontact0fax = <TEXT> techcontact0email = <TEXT> techcontact0title = <TEXT> billingcontact0 = <CONTACT> billingcontact0organization = <TEXT> billingcontact0firstname = <TEXT> billingcontact0lastname = <TEXT> billingcontact0street = <TEXT> billingcontact0city = <TEXT> billingcontact0state = <TEXT> billingcontact0zip = <TEXT> billingcontact0country = <TEXT> billingcontact0phone = <TEXT> billingcontact0fax = <TEXT> billingcontact0email = <TEXT> billingcontact0title = <TEXT> csrcontact0 = <CONTACT> csrcontact0organization = <TEXT> csrcontact0firstname = <TEXT> csrcontact0lastname = <TEXT> csrcontact0street = <TEXT> csrcontact0city = <TEXT> csrcontact0state = <TEXT> csrcontact0zip = <TEXT> csrcontact0country = <TEXT> csrcontact0phone = <TEXT> csrcontact0fax = <TEXT> csrcontact0email = <TEXT> csrcontact0title = <TEXT> EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[SSLCERTID][0] = <SSLCERTID> PROPERTY[SSLCERTCLASS][0] = <CLASS> PROPERTY[STATUS][0] = REQUESTEDCREATE PROPERTY[CREATEDDATE][0] = <DATE> PROPERTY[REGISTRATIONEXPIRATIONDATE][0] = <DATE> PROPERTY[DOMAIN][0] = <DOMAIN> PROPERTY[DOMAIN][1] = <DOMAIN> ... PROPERTY[VALIDATION][0] = EMAIL|DNSZONE|URL PROPERTY[VALIDATION][1] = EMAIL|DNSZONE|URL ... PROPERTY[VALIDATIONEMAIL][0] = <EMAIL> PROPERTY[VALIDATIONEMAIL][1] = <EMAIL> ... PROPERTY[VALIDATIONDNSRR][0] = <TEXT> PROPERTY[VALIDATIONDNSRR][1] = <TEXT> ... PROPERTY[VALIDATIONURL][0] = <TEXT> PROPERTY[VALIDATIONURL][1] = <TEXT> ... PROPERTY[VALIDATIONURLCONTENT][0] = <TEXT> PROPERTY[VALIDATIONURLCONTENT][1] = <TEXT> ... PROPERTY[INTERNALDNS][0] = 0 | 1 PROPERTY[CSR][0] = -----BEGIN CERTIFICATE REQUEST----- PROPERTY[CSR][1] = ... ... PROPERTY[PEM][0] = -----BEGIN RSA PRIVATE KEY----- PROPERTY[PEM][1] = ... ... PROPERTY[KEYLENGTH][0] = <INT> PROPERTY[OWNERCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[OWNERCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[OWNERCONTACT0LASTNAME][0] = <TEXT> PROPERTY[OWNERCONTACT0STREET][0] = <TEXT> PROPERTY[OWNERCONTACT0CITY][0] = <TEXT> PROPERTY[OWNERCONTACT0STATE][0] = <TEXT> PROPERTY[OWNERCONTACT0ZIP][0] = <TEXT> PROPERTY[OWNERCONTACT0COUNTRY][0] = <TEXT> PROPERTY[OWNERCONTACT0PHONE][0] = <TEXT> PROPERTY[OWNERCONTACT0FAX][0] = <TEXT> PROPERTY[OWNERCONTACT0EMAIL][0] = <TEXT> PROPERTY[OWNERCONTACT0TITLE][0] = <TEXT> PROPERTY[ADMINCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[ADMINCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[ADMINCONTACT0LASTNAME][0] = <TEXT> PROPERTY[ADMINCONTACT0STREET][0] = <TEXT> PROPERTY[ADMINCONTACT0CITY][0] = <TEXT> PROPERTY[ADMINCONTACT0STATE][0] = <TEXT> PROPERTY[ADMINCONTACT0ZIP][0] = <TEXT> PROPERTY[ADMINCONTACT0COUNTRY][0] = <TEXT> PROPERTY[ADMINCONTACT0PHONE][0] = <TEXT> PROPERTY[ADMINCONTACT0FAX][0] = <TEXT> PROPERTY[ADMINCONTACT0EMAIL][0] = <TEXT> PROPERTY[ADMINCONTACT0TITLE][0] = <TEXT> PROPERTY[TECHCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[TECHCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[TECHCONTACT0LASTNAME][0] = <TEXT> PROPERTY[TECHCONTACT0STREET][0] = <TEXT> PROPERTY[TECHCONTACT0CITY][0] = <TEXT> PROPERTY[TECHCONTACT0STATE][0] = <TEXT> PROPERTY[TECHCONTACT0ZIP][0] = <TEXT> PROPERTY[TECHCONTACT0COUNTRY][0] = <TEXT> PROPERTY[TECHCONTACT0PHONE][0] = <TEXT> PROPERTY[TECHCONTACT0FAX][0] = <TEXT> PROPERTY[TECHCONTACT0EMAIL][0] = <TEXT> PROPERTY[TECHCONTACT0TITLE][0] = <TEXT> PROPERTY[BILLINGCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[BILLINGCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[BILLINGCONTACT0LASTNAME][0] = <TEXT> PROPERTY[BILLINGCONTACT0STREET][0] = <TEXT> PROPERTY[BILLINGCONTACT0CITY][0] = <TEXT> PROPERTY[BILLINGCONTACT0STATE][0] = <TEXT> PROPERTY[BILLINGCONTACT0ZIP][0] = <TEXT> PROPERTY[BILLINGCONTACT0COUNTRY][0] = <TEXT> PROPERTY[BILLINGCONTACT0PHONE][0] = <TEXT> PROPERTY[BILLINGCONTACT0FAX][0] = <TEXT> PROPERTY[BILLINGCONTACT0EMAIL][0] = <TEXT> PROPERTY[BILLINGCONTACT0TITLE][0] = <TEXT> PROPERTY[CSRCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[CSRCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[CSRCONTACT0LASTNAME][0] = <TEXT> PROPERTY[CSRCONTACT0STREET][0] = <TEXT> PROPERTY[CSRCONTACT0CITY][0] = <TEXT> PROPERTY[CSRCONTACT0STATE][0] = <TEXT> PROPERTY[CSRCONTACT0ZIP][0] = <TEXT> PROPERTY[CSRCONTACT0COUNTRY][0] = <TEXT> PROPERTY[CSRCONTACT0PHONE][0] = <TEXT> PROPERTY[CSRCONTACT0FAX][0] = <TEXT> PROPERTY[CSRCONTACT0EMAIL][0] = <TEXT> PROPERTY[CSRCONTACT0TITLE][0] = <TEXT> EOF </pre> <br> = Order certificate (EPP) = '''Order certificate providing the domain name only''' <br> The contact data is [[SSL_Certificate_Contact_Data_Lookup|looked up in the WHOIS]]. The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate with your own CSR''' <br> The domain is retrieved from the provided CSR. The contact data is [[SSL_Certificate_Contact_Data_Lookup|looked up in the WHOIS]]. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate with contact handles''' <br> The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate using DNSZONE validation''' <br> Prove domain control by setting the returned CNAME record. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='VALIDATION0' value='DNSZONE' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="VALIDATIONDNSRR" value="abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>."/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Order certificate and have it validated automatically''' <br> This only works with the validation method DNSZONE and if HEXONET's DNS Services are used for the domain. Set INTERNALDNS=1 in order to have the returned CNAME record inserted into the DNS zone file automatically. Note that it will not be removed automatically after successful validation. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='VALIDATION0' value='DNSZONE' /> <keyvalue:kv key='INTERNALDNS' value='1' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="VALIDATIONDNSRR" value="abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>."/> <keyvalue:kv key="INTERNALDNS" value="1"/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Order certificate using URL validation''' <br> Prove domain control by placing a file with a certain content at the root of the domain. The name and content of the file to be used are returned by the command. The file must be readable via an HTTP request. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='VALIDATION0' value='URL' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="VALIDATIONURL" value="http://<DOMAIN>/abcde01234.txt"/> <keyvalue:kv key="VALIDATIONURLCONTENT" value="vwxyz56789"/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Order certificate using EMAIL validation and specifying explicitly the validation email addresses''' <br> By default, ''ownercontact0email'' is used as validation email address. Different validation email addresses can be specified by using the command parameter ''validationemail[0-N]''. This is particularly useful when a multi domain certificate is ordered. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='example1.com' /> <keyvalue:kv key='DOMAIN1' value='example2.com' /> <keyvalue:kv key='VALIDATIONEMAIL0' value='admin@example1.com' /> <keyvalue:kv key='VALIDATIONEMAIL1' value='hostmaster@example2.com' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate specifying explicitly what contact data to put into the CSR''' <br> The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]] using the contact data provided in ''csrcontact0''. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='CSRCONTACT0' value='<CONTACT>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate with plain contact data''' <br> This works just like for domain commands. The private key and CSR are [[Automatic_SSL_Certificate_CSR_Creation|created automatically]]. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='OWNERCONTACT0ORGANIZATION' value='Organization' /> <keyvalue:kv key='OWNERCONTACT0FIRSTNAME' value='Firstname' /> <keyvalue:kv key='OWNERCONTACT0LASTNAME' value='Lastname' /> <keyvalue:kv key='OWNERCONTACT0STREET' value='Street' /> <keyvalue:kv key='OWNERCONTACT0CITY' value='City' /> <keyvalue:kv key='OWNERCONTACT0STATE' value='State' /> <keyvalue:kv key='OWNERCONTACT0ZIP' value='Zip' /> <keyvalue:kv key='OWNERCONTACT0COUNTRY' value='Country' /> <keyvalue:kv key='OWNERCONTACT0PHONE' value='Phone' /> <keyvalue:kv key='OWNERCONTACT0FAX' value='Fax' /> <keyvalue:kv key='OWNERCONTACT0EMAIL' value='Email' /> <keyvalue:kv key='OWNERCONTACT0TITLE' value='Title' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Order certificate with your own private key''' <br> The CSR is [[Automatic_SSL_Certificate_CSR_Creation|created automatically]] using the provided private key. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='PEM0' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''All parameters''' <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='CreateSSLCert' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='PERIOD' value='<INT>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='DOMAIN1' value='<DOMAIN>' /> ... <keyvalue:kv key='VALIDATION0' value='EMAIL | DNSZONE | URL' /> <keyvalue:kv key='VALIDATION1' value='EMAIL | DNSZONE | URL' /> ... <keyvalue:kv key='VALIDATIONEMAIL0' value='<EMAIL>' /> <keyvalue:kv key='VALIDATIONEMAIL1' value='<EMAIL>' /> ... <keyvalue:kv key='INTERNALDNS' value='0 | 1' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... <keyvalue:kv key='PEM0' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... <keyvalue:kv key='KEYLENGTH' value='<INT>' /> <keyvalue:kv key='ownercontact0' value='<CONTACT>' /> <keyvalue:kv key='ownercontact0organization' value='<TEXT>' /> <keyvalue:kv key='ownercontact0firstname' value='<TEXT>' /> <keyvalue:kv key='ownercontact0lastname' value='<TEXT>' /> <keyvalue:kv key='ownercontact0street' value='<TEXT>' /> <keyvalue:kv key='ownercontact0city' value='<TEXT>' /> <keyvalue:kv key='ownercontact0state' value='<TEXT>' /> <keyvalue:kv key='ownercontact0zip' value='<TEXT>' /> <keyvalue:kv key='ownercontact0country' value='<TEXT>' /> <keyvalue:kv key='ownercontact0phone' value='<TEXT>' /> <keyvalue:kv key='ownercontact0fax' value='<TEXT>' /> <keyvalue:kv key='ownercontact0email' value='<TEXT>' /> <keyvalue:kv key='ownercontact0title' value='<TEXT>' /> <keyvalue:kv key='admincontact0' value='<CONTACT>' /> <keyvalue:kv key='admincontact0organization' value='<TEXT>' /> <keyvalue:kv key='admincontact0firstname' value='<TEXT>' /> <keyvalue:kv key='admincontact0lastname' value='<TEXT>' /> <keyvalue:kv key='admincontact0street' value='<TEXT>' /> <keyvalue:kv key='admincontact0city' value='<TEXT>' /> <keyvalue:kv key='admincontact0state' value='<TEXT>' /> <keyvalue:kv key='admincontact0zip' value='<TEXT>' /> <keyvalue:kv key='admincontact0country' value='<TEXT>' /> <keyvalue:kv key='admincontact0phone' value='<TEXT>' /> <keyvalue:kv key='admincontact0fax' value='<TEXT>' /> <keyvalue:kv key='admincontact0email' value='<TEXT>' /> <keyvalue:kv key='admincontact0title' value='<TEXT>' /> <keyvalue:kv key='techcontact0' value='<CONTACT>' /> <keyvalue:kv key='techcontact0organization' value='<TEXT>' /> <keyvalue:kv key='techcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='techcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='techcontact0street' value='<TEXT>' /> <keyvalue:kv key='techcontact0city' value='<TEXT>' /> <keyvalue:kv key='techcontact0state' value='<TEXT>' /> <keyvalue:kv key='techcontact0zip' value='<TEXT>' /> <keyvalue:kv key='techcontact0country' value='<TEXT>' /> <keyvalue:kv key='techcontact0phone' value='<TEXT>' /> <keyvalue:kv key='techcontact0fax' value='<TEXT>' /> <keyvalue:kv key='techcontact0email' value='<TEXT>' /> <keyvalue:kv key='techcontact0title' value='<TEXT>' /> <keyvalue:kv key='billingcontact0' value='<CONTACT>' /> <keyvalue:kv key='billingcontact0organization' value='<TEXT>' /> <keyvalue:kv key='billingcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='billingcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='billingcontact0street' value='<TEXT>' /> <keyvalue:kv key='billingcontact0city' value='<TEXT>' /> <keyvalue:kv key='billingcontact0state' value='<TEXT>' /> <keyvalue:kv key='billingcontact0zip' value='<TEXT>' /> <keyvalue:kv key='billingcontact0country' value='<TEXT>' /> <keyvalue:kv key='billingcontact0phone' value='<TEXT>' /> <keyvalue:kv key='billingcontact0fax' value='<TEXT>' /> <keyvalue:kv key='billingcontact0email' value='<TEXT>' /> <keyvalue:kv key='billingcontact0title' value='<TEXT>' /> <keyvalue:kv key='csrcontact0' value='<CONTACT>' /> <keyvalue:kv key='csrcontact0organization' value='<TEXT>' /> <keyvalue:kv key='csrcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='csrcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='csrcontact0street' value='<TEXT>' /> <keyvalue:kv key='csrcontact0city' value='<TEXT>' /> <keyvalue:kv key='csrcontact0state' value='<TEXT>' /> <keyvalue:kv key='csrcontact0zip' value='<TEXT>' /> <keyvalue:kv key='csrcontact0country' value='<TEXT>' /> <keyvalue:kv key='csrcontact0phone' value='<TEXT>' /> <keyvalue:kv key='csrcontact0fax' value='<TEXT>' /> <keyvalue:kv key='csrcontact0email' value='<TEXT>' /> <keyvalue:kv key='csrcontact0title' value='<TEXT>' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="SSLCERTID" value="<SSLCERTID>"/> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='STATUS' value='REQUESTEDCREATE' /> <keyvalue:kv key='CREATEDDATE' value='<DATE>' /> <keyvalue:kv key='REGISTRATIONEXPIRATIONDATE' value='<DATE>' /> <keyvalue:kv key='DOMAIN' value='<DOMAIN>' /> <keyvalue:kv key='DOMAIN1' value='<DOMAIN>' /> ... <keyvalue:kv key='VALIDATION' value='EMAIL|DNSZONE|URL' /> <keyvalue:kv key='VALIDATION1' value='EMAIL|DNSZONE|URL' /> ... <keyvalue:kv key='VALIDATIONEMAIL' value='<EMAIL>' /> <keyvalue:kv key='VALIDATIONEMAIL1' value='<EMAIL>' /> ... <keyvalue:kv key='VALIDATIONDNSRR' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONDNSRR1' value='<TEXT>' /> ... <keyvalue:kv key='VALIDATIONURL' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONURL1' value='<TEXT>' /> ... <keyvalue:kv key='VALIDATIONURLCONTENT' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONURLCONTENT1' value='<TEXT>' /> ... <keyvalue:kv key='INTERNALDNS' value='0 | 1' /> <keyvalue:kv key='CSR' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... <keyvalue:kv key='PEM' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... <keyvalue:kv key='KEYLENGTH' value='<INT>' /> <keyvalue:kv key='OWNERCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0TITLE' value='<TEXT>' /> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> = Renew certificate (API) = '''Renew certificate''' <br> When no additional command parameters are provided, the current data is used for the certificate renewal: CSR, contact information, validation methods, validation email addresses, internaldns <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> EOF </pre> <br> '''Renew certificate with new contact data''' <br> When new contact data is provided, it will be used for the certificate renewal. Note that you have to provide all contact data for all contacts, not just the data that has changed. Also note that the current CSR will be re-used even if contact data has changed that is part of the CSR. See below to learn how to have a new CSR created. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> EOF </pre> <br> '''Renew certificate with new contact data and a newly created CSR (current private key)''' <br> In order have a [[Automatic_SSL_Certificate_CSR_Creation|new CSR created]], use the command parameter ''createcsr=1''. The current private key associated with the certificate is used for this (unless a new one is created or provided, see below). If no private key is associated with the certificate, the command will fail. Also be reminded that if the certificate is associated with a ''csrcontact0'', its contact data is the relevant data for the CSR creation and must also be updated. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> createcsr = 1 EOF </pre> <br> '''Renew certificate with new contact data and a newly created CSR (newly created private key)''' <br> In order have a [[Automatic_SSL_Certificate_CSR_Creation|new private key and a new CSR created]], use the command parameter ''createprivatekey=1''. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> createprivatekey = 1 EOF </pre> <br> '''Renew certificate with new contact data and a newly created CSR (provided private key)''' <br> This will [[Automatic_SSL_Certificate_CSR_Creation|create a new CSR]] using the provided private key. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> ownercontact0 = <CONTACT> admincontact0 = <CONTACT> techcontact0 = <CONTACT> billingcontact0 = <CONTACT> pem0 = -----BEGIN RSA PRIVATE KEY----- pem1 = ... ... EOF </pre> <br> '''Renew certificate with your own new CSR''' <br> <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> csr0 = -----BEGIN CERTIFICATE REQUEST----- csr1 = ... ... EOF </pre> <br> '''Renew certificate choosing a different validation method''' <br> By default, the validation method chosen previously (when the certificate was created or renewed last time) will be used for the renewal. In order to specify a different validation method, the command parameter ''validation0'' must be used. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> validation0 = EMAIL EOF </pre> <br> '''Renew certificate using DNSZONE validation''' <br> Prove domain control by setting the returned CNAME record. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> validation0 = DNSZONE EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[SSLCERTID][0] = <SSLCERTID> PROPERTY[VALIDATIONDNSRR][0] = abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>. EOF </pre> <br> '''Renew certificate and have it validated automatically''' <br> This only works with the validation method DNSZONE and if HEXONET's DNS Services are used for the domain. Set INTERNALDNS=1 in order to have the returned CNAME record inserted into the DNS zone file automatically. Note that it will not be removed automatically after successful validation. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> validation0 = DNSZONE internaldns = 1 EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[SSLCERTID][0] = <SSLCERTID> PROPERTY[VALIDATIONDNSRR][0] = abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>. PROPERTY[INTERNALDNS][0] = 1 EOF </pre> <br> '''Renew certificate using URL validation''' <br> Prove domain control by placing a file with a certain content at the root of the domain. The name and content of the file to be used are returned by the command. The file must be readable via an HTTP request. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> validation0 = URL EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[SSLCERTID][0] = <SSLCERTID> PROPERTY[VALIDATIONURL][0] = http://<DOMAIN>/abcde01234.txt PROPERTY[VALIDATIONURLCONTENT][0] = vwxyz56789 EOF </pre> <br> '''Renew certificate using EMAIL validation and specifying explicitly the validation email address''' <br> If a specific validation email address (different from ''ownercontact0email'') was used previously (when the certificate was created or renewed last time) it will be used again for the certificate renewal. In order to choose a different email address, the command parameter ''validationemail0'' must be used. <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> validation0 = EMAIL validationemail0 = <EMAIL> EOF </pre> <br> '''Renew certificate with new plain contact data''' <br> <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> ownercontact0organization = <TEXT> | <NULL> ownercontact0firstname = <TEXT> | <NULL> ownercontact0lastname = <TEXT> | <NULL> ownercontact0street = <TEXT> | <NULL> ownercontact0city = <TEXT> | <NULL> ownercontact0state = <TEXT> | <NULL> ownercontact0zip = <TEXT> | <NULL> ownercontact0country = <TEXT> | <NULL> ownercontact0phone = <TEXT> | <NULL> ownercontact0fax = <TEXT> | <NULL> ownercontact0email = <TEXT> | <NULL> ownercontact0title = <TEXT> | <NULL> EOF </pre> <br> '''All parameters''' <pre> [COMMAND] command = RenewSSLCert sslcertid = <SSLCERTID> period = <INT> domain# = <DOMAIN> validation# = EMAIL | DNSZONE | URL validationemail# = <EMAIL> internaldns = 0 | 1 csr# = <TEXT> createcsr = 0 | 1 pem# = <TEXT> createprivatekey = 0 | 1 keylength = <INT> ownercontact0 = <CONTACT> ownercontact0organization = <TEXT> ownercontact0firstname = <TEXT> ownercontact0lastname = <TEXT> ownercontact0street = <TEXT> ownercontact0city = <TEXT> ownercontact0state = <TEXT> ownercontact0zip = <TEXT> ownercontact0country = <TEXT> ownercontact0phone = <TEXT> ownercontact0fax = <TEXT> ownercontact0email = <TEXT> ownercontact0title = <TEXT> admincontact0 = <CONTACT> admincontact0organization = <TEXT> admincontact0firstname = <TEXT> admincontact0lastname = <TEXT> admincontact0street = <TEXT> admincontact0city = <TEXT> admincontact0state = <TEXT> admincontact0zip = <TEXT> admincontact0country = <TEXT> admincontact0phone = <TEXT> admincontact0fax = <TEXT> admincontact0email = <TEXT> admincontact0title = <TEXT> techcontact0 = <CONTACT> techcontact0organization = <TEXT> techcontact0firstname = <TEXT> techcontact0lastname = <TEXT> techcontact0street = <TEXT> techcontact0city = <TEXT> techcontact0state = <TEXT> techcontact0zip = <TEXT> techcontact0country = <TEXT> techcontact0phone = <TEXT> techcontact0fax = <TEXT> techcontact0email = <TEXT> techcontact0title = <TEXT> billingcontact0 = <CONTACT> billingcontact0organization = <TEXT> billingcontact0firstname = <TEXT> billingcontact0lastname = <TEXT> billingcontact0street = <TEXT> billingcontact0city = <TEXT> billingcontact0state = <TEXT> billingcontact0zip = <TEXT> billingcontact0country = <TEXT> billingcontact0phone = <TEXT> billingcontact0fax = <TEXT> billingcontact0email = <TEXT> billingcontact0title = <TEXT> csrcontact0 = <CONTACT> csrcontact0organization = <TEXT> csrcontact0firstname = <TEXT> csrcontact0lastname = <TEXT> csrcontact0street = <TEXT> csrcontact0city = <TEXT> csrcontact0state = <TEXT> csrcontact0zip = <TEXT> csrcontact0country = <TEXT> csrcontact0phone = <TEXT> csrcontact0fax = <TEXT> csrcontact0email = <TEXT> csrcontact0title = <TEXT> EOF </pre> <pre> [RESPONSE] CODE = 200 DESCRIPTION = Command completed successfully PROPERTY[SSLCERTID][0] = <SSLCERTID> PROPERTY[SSLCERTCLASS][0] = <CLASS> PROPERTY[STATUS][0] = REQUESTEDCREATE PROPERTY[CREATEDDATE][0] = <DATE> PROPERTY[REGISTRATIONEXPIRATIONDATE][0] = <DATE> PROPERTY[DOMAIN][0] = <DOMAIN> PROPERTY[DOMAIN][1] = <DOMAIN> ... PROPERTY[VALIDATION][0] = EMAIL|DNSZONE|URL PROPERTY[VALIDATION][1] = EMAIL|DNSZONE|URL ... PROPERTY[VALIDATIONEMAIL][0] = <EMAIL> PROPERTY[VALIDATIONEMAIL][1] = <EMAIL> ... PROPERTY[VALIDATIONDNSRR][0] = <TEXT> PROPERTY[VALIDATIONDNSRR][1] = <TEXT> ... PROPERTY[VALIDATIONURL][0] = <TEXT> PROPERTY[VALIDATIONURL][1] = <TEXT> ... PROPERTY[VALIDATIONURLCONTENT][0] = <TEXT> PROPERTY[VALIDATIONURLCONTENT][1] = <TEXT> ... PROPERTY[INTERNALDNS][0] = 0 | 1 PROPERTY[CSR][0] = -----BEGIN CERTIFICATE REQUEST----- PROPERTY[CSR][1] = ... ... PROPERTY[PEM][0] = -----BEGIN RSA PRIVATE KEY----- PROPERTY[PEM][1] = ... ... PROPERTY[KEYLENGTH][0] = <INT> PROPERTY[OWNERCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[OWNERCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[OWNERCONTACT0LASTNAME][0] = <TEXT> PROPERTY[OWNERCONTACT0STREET][0] = <TEXT> PROPERTY[OWNERCONTACT0CITY][0] = <TEXT> PROPERTY[OWNERCONTACT0STATE][0] = <TEXT> PROPERTY[OWNERCONTACT0ZIP][0] = <TEXT> PROPERTY[OWNERCONTACT0COUNTRY][0] = <TEXT> PROPERTY[OWNERCONTACT0PHONE][0] = <TEXT> PROPERTY[OWNERCONTACT0FAX][0] = <TEXT> PROPERTY[OWNERCONTACT0EMAIL][0] = <TEXT> PROPERTY[OWNERCONTACT0TITLE][0] = <TEXT> PROPERTY[ADMINCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[ADMINCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[ADMINCONTACT0LASTNAME][0] = <TEXT> PROPERTY[ADMINCONTACT0STREET][0] = <TEXT> PROPERTY[ADMINCONTACT0CITY][0] = <TEXT> PROPERTY[ADMINCONTACT0STATE][0] = <TEXT> PROPERTY[ADMINCONTACT0ZIP][0] = <TEXT> PROPERTY[ADMINCONTACT0COUNTRY][0] = <TEXT> PROPERTY[ADMINCONTACT0PHONE][0] = <TEXT> PROPERTY[ADMINCONTACT0FAX][0] = <TEXT> PROPERTY[ADMINCONTACT0EMAIL][0] = <TEXT> PROPERTY[ADMINCONTACT0TITLE][0] = <TEXT> PROPERTY[TECHCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[TECHCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[TECHCONTACT0LASTNAME][0] = <TEXT> PROPERTY[TECHCONTACT0STREET][0] = <TEXT> PROPERTY[TECHCONTACT0CITY][0] = <TEXT> PROPERTY[TECHCONTACT0STATE][0] = <TEXT> PROPERTY[TECHCONTACT0ZIP][0] = <TEXT> PROPERTY[TECHCONTACT0COUNTRY][0] = <TEXT> PROPERTY[TECHCONTACT0PHONE][0] = <TEXT> PROPERTY[TECHCONTACT0FAX][0] = <TEXT> PROPERTY[TECHCONTACT0EMAIL][0] = <TEXT> PROPERTY[TECHCONTACT0TITLE][0] = <TEXT> PROPERTY[BILLINGCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[BILLINGCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[BILLINGCONTACT0LASTNAME][0] = <TEXT> PROPERTY[BILLINGCONTACT0STREET][0] = <TEXT> PROPERTY[BILLINGCONTACT0CITY][0] = <TEXT> PROPERTY[BILLINGCONTACT0STATE][0] = <TEXT> PROPERTY[BILLINGCONTACT0ZIP][0] = <TEXT> PROPERTY[BILLINGCONTACT0COUNTRY][0] = <TEXT> PROPERTY[BILLINGCONTACT0PHONE][0] = <TEXT> PROPERTY[BILLINGCONTACT0FAX][0] = <TEXT> PROPERTY[BILLINGCONTACT0EMAIL][0] = <TEXT> PROPERTY[BILLINGCONTACT0TITLE][0] = <TEXT> PROPERTY[CSRCONTACT0ORGANIZATION][0] = <TEXT> PROPERTY[CSRCONTACT0FIRSTNAME][0] = <TEXT> PROPERTY[CSRCONTACT0LASTNAME][0] = <TEXT> PROPERTY[CSRCONTACT0STREET][0] = <TEXT> PROPERTY[CSRCONTACT0CITY][0] = <TEXT> PROPERTY[CSRCONTACT0STATE][0] = <TEXT> PROPERTY[CSRCONTACT0ZIP][0] = <TEXT> PROPERTY[CSRCONTACT0COUNTRY][0] = <TEXT> PROPERTY[CSRCONTACT0PHONE][0] = <TEXT> PROPERTY[CSRCONTACT0FAX][0] = <TEXT> PROPERTY[CSRCONTACT0EMAIL][0] = <TEXT> PROPERTY[CSRCONTACT0TITLE][0] = <TEXT> EOF </pre> <br> = Renew certificate (EPP) = '''Renew certificate''' <br> When no additional command parameters are provided, the current data is used for the certificate renewal: CSR, contact information, validation methods, validation email addresses, internaldns <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with new contact data''' <br> When new contact data is provided, it will be used for the certificate renewal. Note that you have to provide all contact data for all contacts, not just the data that has changed. Also note that the current CSR will be re-used even if contact data has changed that is part of the CSR. See below to learn how to have a new CSR created. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with new contact data and a newly created CSR (current private key)''' <br> In order have a [[Automatic_SSL_Certificate_CSR_Creation|new CSR created]], use the command parameter ''createcsr=1''. The current private key associated with the certificate is used for this (unless a new one is created or provided, see below). If no private key is associated with the certificate, the command will fail. Also be reminded that if the certificate is associated with a ''csrcontact0'', its contact data is the relevant data for the CSR creation and must also be updated. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='CREATECSR' value='1' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with new contact data and a newly created CSR (newly created private key)''' <br> In order have a [[Automatic_SSL_Certificate_CSR_Creation|new private key and a new CSR created]], use the command parameter ''createprivatekey=1''. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='CREATEPRIVATEKEY' value='1' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with new contact data and a newly created CSR (provided private key)''' <br> This will [[Automatic_SSL_Certificate_CSR_Creation|create a new CSR]] using the provided private key. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='OWNERCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='ADMINCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='TECHCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='BILLINGCONTACT0' value='<CONTACT>' /> <keyvalue:kv key='PEM0' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with your own new CSR''' <br> <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate choosing a different validation method''' <br> By default, the validation method chosen previously (when the certificate was created or renewed last time) will be used for the renewal. In order to specify a different validation method, the command parameter ''validation0'' must be used. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='VALIDATION0' value='EMAIL' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate using DNSZONE validation''' <br> Prove domain control by setting the returned CNAME record. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='VALIDATION0' value='DNSZONE' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="SSLCERTID" value="<SSLCERTID>"/> <keyvalue:kv key="VALIDATIONDNSRR" value="abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>."/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Renew certificate and have it validated automatically''' <br> This only works with the validation method DNSZONE and if HEXONET's DNS Services are used for the domain. Set INTERNALDNS=1 in order to have the returned CNAME record inserted into the DNS zone file automatically. Note that it will not be removed automatically after successful validation. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='VALIDATION0' value='DNSZONE' /> <keyvalue:kv key='INTERNALDNS' value='1' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="SSLCERTID" value="<SSLCERTID>"/> <keyvalue:kv key="VALIDATIONDNSRR" value="abcde01234.<DOMAIN>. CNAME vwxyz56789.<DOMAIN>."/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Renew certificate using URL validation''' <br> Prove domain control by placing a file with a certain content at the root of the domain. The name and content of the file to be used are returned by the command. The file must be readable via an HTTP request. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='VALIDATION0' value='URL' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="SSLCERTID" value="<SSLCERTID>"/> <keyvalue:kv key="VALIDATIONURL" value="http://<DOMAIN>/abcde01234.txt"/> <keyvalue:kv key="VALIDATIONURLCONTENT" value="vwxyz56789"/> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> <br> '''Renew certificate using EMAIL validation and specifying explicitly the validation email address''' <br> If a specific validation email address (different from ''ownercontact0email'') was used previously (when the certificate was created or renewed last time) it will be used again for the certificate renewal. In order to choose a different email address, the command parameter ''validationemail0'' must be used. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='VALIDATION0' value='EMAIL' /> <keyvalue:kv key='VALIDATIONEMAIL0' value='<EMAIL>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Renew certificate with new plain contact data''' <br> <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='OWNERCONTACT0ORGANIZATION' value='Organization' /> <keyvalue:kv key='OWNERCONTACT0FIRSTNAME' value='Firstname' /> <keyvalue:kv key='OWNERCONTACT0LASTNAME' value='Lastname' /> <keyvalue:kv key='OWNERCONTACT0STREET' value='Street' /> <keyvalue:kv key='OWNERCONTACT0CITY' value='City' /> <keyvalue:kv key='OWNERCONTACT0STATE' value='State' /> <keyvalue:kv key='OWNERCONTACT0ZIP' value='Zip' /> <keyvalue:kv key='OWNERCONTACT0COUNTRY' value='Country' /> <keyvalue:kv key='OWNERCONTACT0PHONE' value='Phone' /> <keyvalue:kv key='OWNERCONTACT0FAX' value='Fax' /> <keyvalue:kv key='OWNERCONTACT0EMAIL' value='Email' /> <keyvalue:kv key='OWNERCONTACT0TITLE' value='Title' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''All parameters''' <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RenewSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='PERIOD' value='<INT>' /> <keyvalue:kv key='DOMAIN0' value='<DOMAIN>' /> <keyvalue:kv key='DOMAIN1' value='<DOMAIN>' /> ... <keyvalue:kv key='VALIDATION0' value='EMAIL | DNSZONE | URL' /> <keyvalue:kv key='VALIDATION1' value='EMAIL | DNSZONE | URL' /> ... <keyvalue:kv key='VALIDATIONEMAIL0' value='<EMAIL>' /> <keyvalue:kv key='VALIDATIONEMAIL1' value='<EMAIL>' /> ... <keyvalue:kv key='INTERNALDNS' value='0 | 1' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... <keyvalue:kv key='CREATECSR' value='0 | 1' /> <keyvalue:kv key='PEM0' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... <keyvalue:kv key='CREATEPRIVATEKEY' value='0 | 1' /> <keyvalue:kv key='KEYLENGTH' value='<INT>' /> <keyvalue:kv key='ownercontact0' value='<CONTACT>' /> <keyvalue:kv key='ownercontact0organization' value='<TEXT>' /> <keyvalue:kv key='ownercontact0firstname' value='<TEXT>' /> <keyvalue:kv key='ownercontact0lastname' value='<TEXT>' /> <keyvalue:kv key='ownercontact0street' value='<TEXT>' /> <keyvalue:kv key='ownercontact0city' value='<TEXT>' /> <keyvalue:kv key='ownercontact0state' value='<TEXT>' /> <keyvalue:kv key='ownercontact0zip' value='<TEXT>' /> <keyvalue:kv key='ownercontact0country' value='<TEXT>' /> <keyvalue:kv key='ownercontact0phone' value='<TEXT>' /> <keyvalue:kv key='ownercontact0fax' value='<TEXT>' /> <keyvalue:kv key='ownercontact0email' value='<TEXT>' /> <keyvalue:kv key='ownercontact0title' value='<TEXT>' /> <keyvalue:kv key='admincontact0' value='<CONTACT>' /> <keyvalue:kv key='admincontact0organization' value='<TEXT>' /> <keyvalue:kv key='admincontact0firstname' value='<TEXT>' /> <keyvalue:kv key='admincontact0lastname' value='<TEXT>' /> <keyvalue:kv key='admincontact0street' value='<TEXT>' /> <keyvalue:kv key='admincontact0city' value='<TEXT>' /> <keyvalue:kv key='admincontact0state' value='<TEXT>' /> <keyvalue:kv key='admincontact0zip' value='<TEXT>' /> <keyvalue:kv key='admincontact0country' value='<TEXT>' /> <keyvalue:kv key='admincontact0phone' value='<TEXT>' /> <keyvalue:kv key='admincontact0fax' value='<TEXT>' /> <keyvalue:kv key='admincontact0email' value='<TEXT>' /> <keyvalue:kv key='admincontact0title' value='<TEXT>' /> <keyvalue:kv key='techcontact0' value='<CONTACT>' /> <keyvalue:kv key='techcontact0organization' value='<TEXT>' /> <keyvalue:kv key='techcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='techcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='techcontact0street' value='<TEXT>' /> <keyvalue:kv key='techcontact0city' value='<TEXT>' /> <keyvalue:kv key='techcontact0state' value='<TEXT>' /> <keyvalue:kv key='techcontact0zip' value='<TEXT>' /> <keyvalue:kv key='techcontact0country' value='<TEXT>' /> <keyvalue:kv key='techcontact0phone' value='<TEXT>' /> <keyvalue:kv key='techcontact0fax' value='<TEXT>' /> <keyvalue:kv key='techcontact0email' value='<TEXT>' /> <keyvalue:kv key='techcontact0title' value='<TEXT>' /> <keyvalue:kv key='billingcontact0' value='<CONTACT>' /> <keyvalue:kv key='billingcontact0organization' value='<TEXT>' /> <keyvalue:kv key='billingcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='billingcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='billingcontact0street' value='<TEXT>' /> <keyvalue:kv key='billingcontact0city' value='<TEXT>' /> <keyvalue:kv key='billingcontact0state' value='<TEXT>' /> <keyvalue:kv key='billingcontact0zip' value='<TEXT>' /> <keyvalue:kv key='billingcontact0country' value='<TEXT>' /> <keyvalue:kv key='billingcontact0phone' value='<TEXT>' /> <keyvalue:kv key='billingcontact0fax' value='<TEXT>' /> <keyvalue:kv key='billingcontact0email' value='<TEXT>' /> <keyvalue:kv key='billingcontact0title' value='<TEXT>' /> <keyvalue:kv key='csrcontact0' value='<CONTACT>' /> <keyvalue:kv key='csrcontact0organization' value='<TEXT>' /> <keyvalue:kv key='csrcontact0firstname' value='<TEXT>' /> <keyvalue:kv key='csrcontact0lastname' value='<TEXT>' /> <keyvalue:kv key='csrcontact0street' value='<TEXT>' /> <keyvalue:kv key='csrcontact0city' value='<TEXT>' /> <keyvalue:kv key='csrcontact0state' value='<TEXT>' /> <keyvalue:kv key='csrcontact0zip' value='<TEXT>' /> <keyvalue:kv key='csrcontact0country' value='<TEXT>' /> <keyvalue:kv key='csrcontact0phone' value='<TEXT>' /> <keyvalue:kv key='csrcontact0fax' value='<TEXT>' /> <keyvalue:kv key='csrcontact0email' value='<TEXT>' /> <keyvalue:kv key='csrcontact0title' value='<TEXT>' /> </keyvalue:extension> </extension> </epp> </pre> RESPONSE: <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <response> <result code="1001"> <msg>Command completed successfully; action pending</msg> <extValue> <value xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"> <epp:undef/> </value> <reason>200 Command completed successfully</reason> </extValue> </result> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key="SSLCERTID" value="<SSLCERTID>"/> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='STATUS' value='REQUESTEDCREATE' /> <keyvalue:kv key='CREATEDDATE' value='<DATE>' /> <keyvalue:kv key='REGISTRATIONEXPIRATIONDATE' value='<DATE>' /> <keyvalue:kv key='DOMAIN' value='<DOMAIN>' /> <keyvalue:kv key='DOMAIN1' value='<DOMAIN>' /> ... <keyvalue:kv key='VALIDATION' value='EMAIL|DNSZONE|URL' /> <keyvalue:kv key='VALIDATION1' value='EMAIL|DNSZONE|URL' /> ... <keyvalue:kv key='VALIDATIONEMAIL' value='<EMAIL>' /> <keyvalue:kv key='VALIDATIONEMAIL1' value='<EMAIL>' /> ... <keyvalue:kv key='VALIDATIONDNSRR' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONDNSRR1' value='<TEXT>' /> ... <keyvalue:kv key='VALIDATIONURL' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONURL1' value='<TEXT>' /> ... <keyvalue:kv key='VALIDATIONURLCONTENT' value='<TEXT>' /> <keyvalue:kv key='VALIDATIONURLCONTENT1' value='<TEXT>' /> ... <keyvalue:kv key='INTERNALDNS' value='0 | 1' /> <keyvalue:kv key='CSR' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... <keyvalue:kv key='PEM' value='-----BEGIN RSA PRIVATE KEY-----' /> <keyvalue:kv key='PEM1' value='...' /> ... <keyvalue:kv key='KEYLENGTH' value='<INT>' /> <keyvalue:kv key='OWNERCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='OWNERCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='ADMINCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='TECHCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='BILLINGCONTACT0TITLE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0ORGANIZATION' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0FIRSTNAME' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0LASTNAME' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0STREET' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0CITY' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0STATE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0ZIP' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0COUNTRY' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0PHONE' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0FAX' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0EMAIL' value='<TEXT>' /> <keyvalue:kv key='CSRCONTACT0TITLE' value='<TEXT>' /> </keyvalue:extension> </extension> <trID> <svTRID>RW-XXXX-XXXXXXXXXXXXXXXX</svTRID> </trID> </response> </epp> </pre> = Other commands (API) = '''Parse CSR''' <br> Have a CSR checked. <pre> [COMMAND] command = ParseSSLCertCSR csr# = <TEXT> EOF </pre> <br> '''Resend validation email''' <br> Have another validation email send to the validation email address. <pre> [COMMAND] command = ResendSSLCertEmail sslcertid = <SSLCERTID> EOF </pre> <br> '''Request list of possible validation email addresses''' <br> Find out all possible validation email addresses for a certain certificate class and a certain domain name. <pre> [COMMAND] command = QuerySSLCertDCVEMailAddressList sslcertclass = <CLASS> domain = <DOMAIN> EOF </pre> <br> '''Reissue SSL certificate''' <br> With this command you request to have an existing certificate replaced with a new one. This is useful when your private key got compromised, for example. A Reissue is free of charge, but note that you have to go through a validation process again. <pre> [COMMAND] command = ReissueSSLCert sslcertid = <SSLCERTID> csr# = <TEXT> EOF </pre> <br> '''Revoke SSL certificate''' <br> With this command you request that your certificate is being nullified. This is appropriate when your private key got compromised. <pre> [COMMAND] command = RevokeSSLCert sslcertid = <SSLCERTID> EOF </pre> <br> '''Get status of SSL certificate order''' <br> <pre> [COMMAND] command = StatusSSLCert sslcertid = <SSLCERTID> EOF </pre> <br> '''Status values:'''<br> <br> '''ACTIVE''' - certificate successfully issued '''REQUESTED / REQUESTEDCREATE''' - certificate has been requested at the certificate supplier '''PENDING / PENDINGCREATE''' - certificate order has been successfully transmitted to the certificate supplier '''FAILED''' - certificate order has failed '''REPLACED''' - certificate has been replaced by a new certificate '''REVOKED''' - certificate has been revoked '''REQUESTEDRENEW''' - certificate renewal has been requested at the certificate supplier '''PENDINGRENEW''' - certificate renewal request has been successfully transmitted to the certificate supplier '''REQUESTEDREISSUE''' - re-issue has been requested at the certificate supplier '''PENDINGREISSUE''' - re-issue request has been successfully transmitted to the certificate supplier = Other commands (EPP) = '''Parse CSR''' <br> Have a CSR checked. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='ParseSSLCertCSR' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''Resend validation email''' <br> Have another validation email send to the validation email address. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='ResendSSLCertEmail' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Request list of possible validation email addresses''' <br> Find out all possible validation email addresses for a certain certificate class and a certain domain name. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='QuerySSLCertDCVEMailAddressList' /> <keyvalue:kv key='SSLCERTCLASS' value='<CLASS>' /> <keyvalue:kv key='DOMAIN' value='<DOMAIN>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Reissue SSL certificate''' <br> With this command you request to have an existing certificate replaced with a new one. This is useful when your private key got compromised, for example. A Reissue is free of charge, but note that you have to go through a validation process again. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='ReissueSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> <keyvalue:kv key='CSR0' value='-----BEGIN CERTIFICATE REQUEST-----' /> <keyvalue:kv key='CSR1' value='...' /> ... </keyvalue:extension> </extension> </epp> </pre> <br> '''Revoke SSL certificate''' <br> With this command you request that your certificate is being nullified. This is appropriate when your private key got compromised. <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='RevokeSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Get status of SSL certificate order''' <br> <pre> <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> <extension> <keyvalue:extension xmlns:keyvalue="http://schema.ispapi.net/epp/xml/keyvalue-1.0" xsi:schemaLocation="http://schema.ispapi.net/epp/xml/keyvalue-1.0 keyvalue-1.0.xsd"> <keyvalue:kv key='COMMAND' value='StatusSSLCert' /> <keyvalue:kv key='SSLCERTID' value='<SSLCERTID>' /> </keyvalue:extension> </extension> </epp> </pre> <br> '''Status values:'''<br> <br> '''ACTIVE''' - certificate successfully issued '''REQUESTED / REQUESTEDCREATE''' - certificate has been requested at the certificate supplier '''PENDING / PENDINGCREATE''' - certificate order has been successfully transmitted to the certificate supplier '''FAILED''' - certificate order has failed '''REPLACED''' - certificate has been replaced by a new certificate '''REVOKED''' - certificate has been revoked '''REQUESTEDRENEW''' - certificate renewal has been requested at the certificate supplier '''PENDINGRENEW''' - certificate renewal request has been successfully transmitted to the certificate supplier '''REQUESTEDREISSUE''' - re-issue has been requested at the certificate supplier '''PENDINGREISSUE''' - re-issue request has been successfully transmitted to the certificate supplier <headertabs/> == Additional information == [[How_to_create_a_CSR-file|How to create a CSR file]]<br> [[How_to_install_an_SSL_certificate|How to install an SSL certificate]]
Summary:
Please note that all contributions to Webhosting24 Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
My wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Toggle limited content width
