{"openapi":"3.0.0","servers":[{"url":"//api.ote-godaddy.com"}],"info":{"title":"","version":"1.0.0","x-apisguru-categories":["hosting"],"x-origin":[{"format":"swagger","url":"https://developer.godaddy.com/swagger/swagger_certificates.json","version":"2.0"}],"x-providerName":"ote-godaddy.com","x-serviceName":"certificates"},"tags":[{"description":"","name":"v1"},{"description":"","name":"v2"}],"paths":{"/v1/certificates":{"post":{"description":"

Creating a certificate order can be a long running asynchronous operation in the PKI workflow. The PKI API supports 2 options for getting the completion stateful actions for this asynchronous operations: 1) by polling operations -- see /v1/certificates/{certificateId}/actions 2) via WebHook style callback -- see '/v1/certificates/{certificateId}/callback'.

","operationId":"certificate_create","parameters":[{"description":"Setting locale for communications such as emails and error messages","in":"header","name":"X-Market-Id","required":false,"schema":{"default":"Default locale for shopper account","type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateCreate"}}},"description":"The certificate order information","required":true},"responses":{"202":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateIdentifier"}}},"description":"Request was successful"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow renew"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"`email` is not empty
`csr` is invalid"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Create a pending order for certificate","tags":["v1"]}},"/v1/certificates/validate":{"post":{"operationId":"certificate_validate","parameters":[{"description":"Setting locale for communications such as emails and error messages","in":"header","name":"X-Market-Id","required":false,"schema":{"default":"Default locale for shopper account","type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateCreate"}}},"description":"The certificate order info","required":true},"responses":{"204":{"description":"Request validated successfully"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow renew"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"`email` is not empty
`csr` is invalid"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Validate a pending order for certificate","tags":["v1"]}},"/v1/certificates/{certificateId}":{"get":{"description":"Once the certificate order has been created, this method can be used to check the status of the certificate. This method can also be used to retrieve details of the certificate.","operationId":"certificate_get","parameters":[{"description":"Certificate id to lookup","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Certificate"}}},"description":"Certificate details retrieved"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Retrieve certificate details","tags":["v1"]}},"/v1/certificates/{certificateId}/actions":{"get":{"description":"This method is used to retrieve all stateful actions relating to a certificate lifecycle.","operationId":"certificate_action_retrieve","parameters":[{"description":"Certificate id to register for callback","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ArrayOfCertificateAction"}}},"description":"Action retrieval successful"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Retrieve all certificate actions","tags":["v1"]}},"/v1/certificates/{certificateId}/callback":{"delete":{"description":"Unregister the callback for a particular certificate.","operationId":"certificate_callback_delete","parameters":[{"description":"Certificate id to unregister callback","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Callback removed"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Unregister system callback","tags":["v1"]},"get":{"description":"This method is used to retrieve the registered callback url for a certificate.","operationId":"certificate_callback_get","parameters":[{"description":"Certificate id to register for stateful action callback","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateCallback"}}},"description":"Callback registered"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Retrieve system stateful action callback url","tags":["v1"]},"put":{"description":"This method is used to register/replace url for callbacks for stateful actions relating to a certificate lifecycle. The callback url is a Webhook style pattern and will receive POST http requests with json body defined in the CertificateAction model definition for each certificate action. Only one callback URL is allowed to be registered for each certificateId, so it will replace a previous registration.","operationId":"certificate_callback_replace","parameters":[{"description":"Certificate id to register/replace for callback","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},{"description":"Callback url registered/replaced to receive stateful actions","in":"query","name":"callbackUrl","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Callback replaced/registered"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Callback url is missing
Callback url is malformed"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Register of certificate action callback","tags":["v1"]}},"/v1/certificates/{certificateId}/cancel":{"post":{"description":"Use the cancel call to cancel a pending certificate order.","operationId":"certificate_cancel","parameters":[{"description":"Certificate id to cancel","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Certificate order has been canceled"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow cancel"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Cancel a pending certificate","tags":["v1"]}},"/v1/certificates/{certificateId}/download":{"get":{"operationId":"certificate_download","parameters":[{"description":"Certificate id to download","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateBundle"}}},"description":"Certificate retrieved"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow download"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Download certificate","tags":["v1"]}},"/v1/certificates/{certificateId}/email/history":{"get":{"description":"This method can be used to retrieve all emails sent for a certificate.","operationId":"certificate_email_history","parameters":[{"description":"Certificate id to retrieve email history","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateEmailHistory"}}},"description":"Email history retrieval successful"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Email history not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Retrieve email history","tags":["v1"]}},"/v1/certificates/{certificateId}/email/resend/{emailAddress}":{"post":{"description":"This method adds an alternate email address to a certificate order and re-sends all existing request emails to that address.","operationId":"certificate_alternate_email_address","parameters":[{"description":"Certificate id to resend emails","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},{"description":"Specific email address to resend email","in":"path","name":"emailAddress","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateEmailHistory"}}},"description":"Alternate email address added and emails re-sent"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow alternate email address"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Add alternate email address","tags":["v1"]}},"/v1/certificates/{certificateId}/email/{emailId}/resend":{"post":{"description":"This method can be used to resend emails by providing the certificate id and the email id","operationId":"certificate_resend_email","parameters":[{"description":"Certificate id to resend email","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},{"description":"Email id for email to resend","in":"path","name":"emailId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Email sent successfully"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Email Id not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Resend an email","tags":["v1"]}},"/v1/certificates/{certificateId}/email/{emailId}/resend/{emailAddress}":{"post":{"description":"This method can be used to resend emails by providing the certificate id, the email id, and the recipient email address","operationId":"certificate_resend_email_address","parameters":[{"description":"Certificate id to resend emails","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},{"description":"Email id for email to resend","in":"path","name":"emailId","required":true,"schema":{"type":"string"}},{"description":"Specific email address to resend email","in":"path","name":"emailAddress","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Email sent successfully"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Email Id not found"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Resend email to email address","tags":["v1"]}},"/v1/certificates/{certificateId}/reissue":{"post":{"description":"

Rekeying is the process by which the private and public key is changed for a certificate. It is a simplified reissue,where only the CSR is changed. Reissuing is the process by which domain names are added or removed from a certificate.Once a request is validated and approved, the certificate will be reissued with the new common name and sans specified. Unlimited reissues are available during the lifetime of the certificate.New names added to a certificate that do not share the base domain of the common name may take additional time to validate. If this API call is made before a previous pending reissue has been validated and issued, the previous reissue request is automatically rejected and replaced with the current request.

","operationId":"certificate_reissue","parameters":[{"description":"Certificate id to reissue","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateReissue"}}},"description":"The reissue request info","required":true},"responses":{"202":{"description":"Reissue request created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow reissue"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"`csr` is invalid
Delay revocation exceeds maximum"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Reissue active certificate","tags":["v1"]}},"/v1/certificates/{certificateId}/renew":{"post":{"description":"Renewal is the process by which the validity of a certificate is extended. Renewal is only available 60 days prior to expiration of the previous certificate and 30 days after the expiration of the previous certificate. The renewal supports modifying a set of the original certificate order information. Once a request is validated and approved, the certificate will be issued with extended validity. Since subject alternative names can be removed during a renewal, we require that you provide the subject alternative names you expect in the renewed certificate. New names added to a certificate that do not share the base domain of the common name may take additional time to validate.

","operationId":"certificate_renew","parameters":[{"description":"Certificate id to renew","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateRenew"}}},"description":"The renew request info","required":true},"responses":{"202":{"description":"Renew request created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow renew"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"`csr` is invalid"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Renew active certificate","tags":["v1"]}},"/v1/certificates/{certificateId}/revoke":{"post":{"description":"Use revoke call to revoke an active certificate, if the certificate has not been issued a 404 response will be returned.","operationId":"certificate_revoke","parameters":[{"description":"Certificate id to revoke","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateRevoke"}}},"description":"The certificate revocation request","required":true},"responses":{"204":{"description":"Certificate Revoked"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow revoke"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Revoke active certificate","tags":["v1"]}},"/v1/certificates/{certificateId}/siteSeal":{"get":{"description":"

This method is used to obtain the site seal information for an issued certificate. A site seal is a graphic that the certificate purchaser can embed on their web site to show their visitors information about their SSL certificate. If a web site visitor clicks on the site seal image, a pop-up page is displayed that contains detailed information about the SSL certificate. The site seal token is used to link the site seal graphic image to the appropriate certificate details pop-up page display when a user clicks on the site seal. The site seal images are expected to be static images and hosted on the reseller's website, to minimize delays for customer page load times.

","operationId":"certificate_siteseal_get","parameters":[{"description":"Certificate id","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},{"description":"This value represents the visual theme of the seal. If seal doesn't exist, default values are used if params not present. If seal does exist, default values will not be used to update unless params present.","in":"query","name":"theme","required":false,"schema":{"default":"LIGHT","enum":["DARK","LIGHT"],"type":"string"}},{"description":"Determine locale for text displayed in seal image and verification page. If seal doesn't exist, default values are used if params not present. If seal does exist, default values will not be used to update unless params present.","in":"query","name":"locale","required":false,"schema":{"default":"en","type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateSiteSeal"}}},"description":"Site seal retrieved"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow seal"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"'locale' is invalid"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Get Site seal","tags":["v1"]}},"/v1/certificates/{certificateId}/verifyDomainControl":{"post":{"description":"Domain control is a means for verifying the domain included in the certificate order. This resource is useful for resellers that control the domains for their customers, and can expedite the verification process. See https://www.godaddy.com/help/verifying-your-domain-ownership-for-ssl-certificate-requests-html-or-dns-7452","operationId":"certificate_verifydomaincontrol","parameters":[{"description":"Certificate id to lookup","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Domain control was successful"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Domain control was not successful
Certificate state does not allow domain control"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Check Domain Control","tags":["v1"]}},"/v2/certificates":{"get":{"description":"Once the certificate order has been created, this method can be used to check the status of the certificate. This method can also be used to retrieve details of the certificates associated to an entitlement.","operationId":"certificate_get_entitlement","parameters":[{"description":"Entitlement id to lookup","in":"query","name":"entitlementId","required":true,"schema":{"type":"string"}},{"description":"Fetch only the most recent certificate","in":"query","name":"latest","required":false,"schema":{"default":true,"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/Certificate"},"type":"array"}}},"description":"Certificate details retrieved"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Entitlement id not provided"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Search for certificate details by entitlement","tags":["v1"]}},"/v2/certificates/download":{"get":{"operationId":"certificate_download_entitlement","parameters":[{"description":"Entitlement id to download","in":"query","name":"entitlementId","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateBundle"}}},"description":"Certificate retrieved"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Request was malformed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or invalid"},"403":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Entitlement id not found"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Certificate state does not allow download"},"422":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Entitlement id not provided"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error"}},"summary":"Download certificate by entitlement","tags":["v1"]}},"/v2/customers/{customerId}/certificates":{"get":{"description":"This method can be used to retrieve a list of certificates for a specified customer. ","operationId":"getCustomerCertificatesByCustomerId","parameters":[{"$ref":"#/components/parameters/customerId"},{"$ref":"#/components/parameters/offset"},{"$ref":"#/components/parameters/limit"}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateSummariesV2"}}},"description":"Customer certificate information retrieved."},"401":{"$ref":"#/components/responses/401"},"403":{"$ref":"#/components/responses/403"},"422":{"$ref":"#/components/responses/422"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"}},"summary":"Retrieve customer's certificates","tags":["v2"]}},"/v2/customers/{customerId}/certificates/acme/externalAccountBinding":{"get":{"description":"Use this endpoint to retrieve a key identifier and Hash-based Message Authentication Code (HMAC) key for Automated Certificate Management Environment (ACME) External Account Binding (EAB). These credentials can be used with an ACME client that supports EAB (ex. CertBot) to automate the issuance request and deployment of DV SSL certificates","operationId":"getAcmeExternalAccountBinding","parameters":[{"$ref":"#/components/parameters/customerId"}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ExternalAccountBinding"}}},"description":"Acme key identifier and HMAC key for the external account binding. Directory URI is also provided for making ACME requests."},"401":{"$ref":"#/components/responses/401"},"403":{"$ref":"#/components/responses/403"},"404":{"$ref":"#/components/responses/404"},"422":{"$ref":"#/components/responses/422"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"}},"summary":"Retrieves the external account binding for the specified customer","tags":["v2"]}},"/v2/customers/{customerId}/certificates/{certificateId}":{"get":{"description":"Once the certificate order has been created, this method can be used to check the status of the certificate. This method can also be used to retrieve details of the certificate. ","operationId":"getCertificateDetailByCertIdentifier","parameters":[{"$ref":"#/components/parameters/customerId"},{"$ref":"#/components/parameters/certificateId"}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CertificateDetailV2"}}},"description":"Certificate details retrieved"},"401":{"$ref":"#/components/responses/401"},"403":{"$ref":"#/components/responses/403"},"404":{"$ref":"#/components/responses/404"},"422":{"$ref":"#/components/responses/422"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"}},"summary":"Retrieve individual certificate details","tags":["v2"]}},"/v2/customers/{customerId}/certificates/{certificateId}/domainVerifications":{"get":{"description":"This method can be used to retrieve the domain verification status for a certificate request.\"","operationId":"getDomainInformationByCertificateId","parameters":[{"$ref":"#/components/parameters/customerId"},{"$ref":"#/components/parameters/certificateId"}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/DomainVerificationSummary"},"type":"array"}}},"description":"Domain verification status list for specified certificateId."},"401":{"$ref":"#/components/responses/401"},"403":{"$ref":"#/components/responses/403"},"404":{"$ref":"#/components/responses/404"},"422":{"$ref":"#/components/responses/422"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"}},"summary":"Retrieve domain verification status","tags":["v2"]}},"/v2/customers/{customerId}/certificates/{certificateId}/domainVerifications/{domain}":{"get":{"description":"Retrieve detailed information for supplied domain, including domain verification details and Certificate Authority Authorization (CAA) verification details. ","operationId":"getDomainDetailsByDomain","parameters":[{"$ref":"#/components/parameters/customerId"},{"$ref":"#/components/parameters/certificateId"},{"$ref":"#/components/parameters/domain"}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DomainVerificationDetail"}}},"description":"Retrieve detailed information for supplied domain, including domain verification details and Certificate Authority Authorization (CAA) verification details."},"401":{"$ref":"#/components/responses/401"},"403":{"$ref":"#/components/responses/403"},"404":{"$ref":"#/components/responses/404"},"422":{"$ref":"#/components/responses/422"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"}},"summary":"Retrieve detailed information for supplied domain","tags":["v2"]}}},"components":{"parameters":{"certificateId":{"description":"Certificate id to lookup","in":"path","name":"certificateId","required":true,"schema":{"type":"string"}},"customerId":{"description":"An identifier for a customer","in":"path","name":"customerId","required":true,"schema":{"type":"string"}},"domain":{"description":"A valid domain name in the certificate request","in":"path","name":"domain","required":true,"schema":{"format":"domain","type":"string"}},"limit":{"description":"Maximum number of items to return","in":"query","name":"limit","required":false,"schema":{"format":"integer-positive","pattern":"^[0-9]+$","type":"integer"}},"offset":{"description":"Number of results to skip for pagination","in":"query","name":"offset","required":false,"schema":{"format":"integer-positive","pattern":"^[0-9]+$","type":"integer"}}},"responses":{"401":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authentication info not sent or is invalid","x-error-codes":["UNAUTHORIZED"]},"403":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Authenticated user is not allowed access","x-error-codes":["ACCESS_DENIED"]},"404":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Resource not found","x-error-codes":["NOT_FOUND"]},"422":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Application-specific request error","x-error-codes":["INVALID_INPUT"]},"429":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/ErrorLimit"}}},"description":"Too many requests received within interval","x-error-codes":["RATE_LIMITED"]},"500":{"content":{"*/*":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Internal server error","x-error-codes":["INTERNAL_SERVER_ERROR"]}},"schemas":{"ArrayOfCertificateAction":{"items":{"$ref":"#/components/schemas/CertificateAction"},"type":"array"},"Certificate":{"properties":{"certificateId":{"description":"The unique identifier of the certificate request. Only present if no errors returned","type":"string"},"commonName":{"description":"Common name of certificate","type":"string"},"contact":{"$ref":"#/components/schemas/CertificateContact"},"createdAt":{"description":"The date the certificate was ordered.","format":"iso-datetime","type":"string"},"deniedReason":{"description":"Only present if certificate order has been denied","type":"string"},"organization":{"$ref":"#/components/schemas/CertificateOrganization"},"period":{"description":"Validity period of order. Specified in years","type":"integer"},"productType":{"description":"Certificate product type","enum":["DV_SSL","DV_WILDCARD_SSL","EV_SSL","OV_CS","OV_DS","OV_SSL","OV_WILDCARD_SSL","UCC_DV_SSL","UCC_EV_SSL","UCC_OV_SSL"],"type":"string"},"progress":{"description":"Percentage of completion for certificate vetting","type":"integer"},"revokedAt":{"description":"The revocation date of certificate (if revoked).","format":"iso-datetime","type":"string"},"rootType":{"description":"Root Type","enum":["GODADDY_SHA_1","GODADDY_SHA_2","STARFIELD_SHA_1","STARFIELD_SHA_2"],"type":"string"},"serialNumber":{"description":"Serial number of certificate (if issued or revoked)","type":"string"},"serialNumberHex":{"description":"Hexadecmial format for Serial number of certificate(if issued or revoked)","type":"string"},"slotSize":{"description":"Number of subject alternative names(SAN) to be included in certificate ","enum":["FIVE","TEN","FIFTEEN","TWENTY","THIRTY","FOURTY","FIFTY","ONE_HUNDRED"],"type":"string"},"status":{"description":"Status of certificate","enum":["PENDING_ISSUANCE","ISSUED","REVOKED","CANCELED","DENIED","PENDING_REVOCATION","PENDING_REKEY","UNUSED","EXPIRED"],"type":"string"},"subjectAlternativeNames":{"description":"Contains subject alternative names set","items":{"$ref":"#/components/schemas/SubjectAlternativeNameDetails"},"type":"array"},"validEnd":{"description":"The end date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"},"validStart":{"description":"The start date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"}},"required":["certificateId","status","contact","period","createdAt","productType"]},"CertificateAction":{"properties":{"createdAt":{"description":"Date action created","format":"iso-datetime","type":"string"},"type":{"enum":["CERTIFICATE_ISSUED","CERTIFICATE_ORDER_CANCELED","CERTIFICATE_ORDER_CREATED","CERTIFICATE_REVOKED","DOMAIN_VALIDATION_COMPLETE","FRAUD_DETECTED","ORG_NAME_CHANGE","ORG_VALIDATION_COMPLETE","SAN_DROP"],"type":"string"}},"required":["type","createdAt"]},"CertificateAddress":{"properties":{"address1":{"description":"Address line 1 of organization address","type":"string"},"address2":{"description":"Address line 2 of organization address","type":"string"},"city":{"description":"City/Locality of organization address","type":"string"},"country":{"description":"Two character country code of organization","enum":["AC","AD","AE","AF","AG","AI","AL","AM","AN","AO","AQ","AR","AS","AT","AU","AW","AZ","BA","BB","BD","BE","BF","BG","BH","BI","BJ","BM","BN","BO","BR","BS","BT","BV","BW","BY","BZ","CA","CC","CD","CF","CG","CH","CI","CK","CL","CM","CN","CO","CR","CV","CX","CY","CZ","DE","DJ","DK","DM","DO","DZ","EC","EE","EG","EH","ER","ES","ET","FI","FJ","FK","FM","FO","FR","GA","GB","GD","GE","GF","GG","GH","GI","GL","GM","GN","GP","GQ","GR","GS","GT","GU","GW","GY","HK","HM","HN","HR","HT","HU","ID","IE","IL","IM","IN","IO","IQ","IS","IT","JE","JM","JO","JP","KE","KG","KH","KI","KM","KN","KR","KW","KY","KZ","LA","LB","LC","LI","LK","LR","LS","LT","LU","LV","LY","MA","MC","MD","ME","MG","MH","ML","MM","MN","MO","MP","MQ","MR","MS","MT","MU","MV","MW","MX","MY","MZ","NA","NC","NE","NF","NG","NI","NL","NO","NP","NR","NU","NZ","OM","PA","PE","PF","PG","PH","PK","PL","PM","PN","PR","PS","PT","PW","PY","QA","RE","RO","RS","RU","RW","SA","SB","SC","SE","SG","SH","SI","SJ","SK","SL","SM","SN","SO","SR","ST","SV","SZ","TC","TD","TF","TG","TH","TJ","TK","TL","TM","TN","TO","TP","TR","TT","TV","TW","TZ","UA","UG","UM","US","UY","UZ","VA","VC","VE","VG","VI","VN","VU","WF","WS","YE","YT","YU","ZA","ZM","ZW"],"format":"iso-country-code","type":"string"},"postalCode":{"description":"Postal code of organization address","type":"string"},"state":{"description":"Full name of State/Province/Territory of organization address","type":"string"}},"required":["address1","country"]},"CertificateBundle":{"properties":{"pems":{"$ref":"#/components/schemas/PEMCertificates"},"serialNumber":{"description":"Serial number of certificate requested","type":"string"}},"required":["serialNumber","pems"]},"CertificateCallback":{"properties":{"callbackUrl":{"description":"Callback url registered to receive stateful actions","type":"string"}},"required":["callbackUrl"]},"CertificateContact":{"properties":{"email":{"description":"Email address of requestor contact","type":"string"},"jobTitle":{"description":"Only used for EVSSL. Job title of requestor contact","type":"string"},"nameFirst":{"description":"First name of requestor contact","type":"string"},"nameLast":{"description":"Last name of requestor contact","type":"string"},"nameMiddle":{"description":"Middle initial of requestor contact","type":"string"},"phone":{"description":"Phone number for requestor contact","type":"string"},"suffix":{"description":"Suffix of requestor contact","type":"string"}},"required":["nameFirst","nameLast","email","phone"]},"CertificateCreate":{"properties":{"callbackUrl":{"description":"Required if client would like to receive stateful actions via callback during certificate lifecyle","type":"string"},"commonName":{"description":"Name to be secured in certificate. If provided, CN field in CSR will be ignored.","type":"string"},"contact":{"$ref":"#/components/schemas/CertificateContact"},"csr":{"description":"Certificate Signing Request","type":"string"},"intelVPro":{"default":false,"description":"Only used for OV","type":"boolean"},"organization":{"$ref":"#/components/schemas/CertificateOrganizationCreate"},"period":{"description":"Number of years for certificate validity period","type":"integer"},"productType":{"description":"Type of product requesting a certificate. Only required non-renewal","enum":["DV_SSL","DV_WILDCARD_SSL","EV_SSL","OV_CS","OV_DS","OV_SSL","OV_WILDCARD_SSL","UCC_DV_SSL","UCC_EV_SSL","UCC_OV_SSL"],"type":"string"},"rootType":{"default":"STARFIELD_SHA_2","description":"Root Type. Depending on certificate expiration date, SHA_1 not be allowed. Will default to SHA_2 if expiration date exceeds sha1 allowed date","enum":["GODADDY_SHA_1","GODADDY_SHA_2","STARFIELD_SHA_1","STARFIELD_SHA_2"],"type":"string"},"slotSize":{"description":"Number of subject alternative names(SAN) to be included in certificate ","enum":["FIVE","TEN","FIFTEEN","TWENTY","THIRTY","FOURTY","FIFTY","ONE_HUNDRED"],"type":"string"},"subjectAlternativeNames":{"description":"Subject Alternative names. Collection of subjectAlternativeNames to be included in certificate.","items":{"type":"string"},"type":"array","uniqueItems":true}},"required":["csr","productType","period","contact"]},"CertificateDetailV2":{"properties":{"certificateId":{"description":"The unique identifier of the certificate request. Only present if no errors returned","type":"string"},"commonName":{"description":"Common name of certificate","format":"domain","type":"string"},"completedAt":{"description":"The date the certificate request completed processing.","format":"iso-datetime","type":"string"},"contact":{"$ref":"#/components/schemas/CertificateContact"},"createdAt":{"description":"The date the certificate was ordered.","format":"iso-datetime","type":"string"},"csr":{"description":"Certificate signing request (if present) in PEM format","type":"string"},"deniedReason":{"description":"Only present if certificate order has been denied","type":"string"},"organization":{"$ref":"#/components/schemas/CertificateOrganization"},"period":{"description":"Validity period of order. Specified in years","type":"integer"},"progress":{"description":"Percentage of completion for certificate vetting","type":"integer"},"renewalAvailable":{"description":"Only returned when a renewal is available.","type":"boolean"},"revokedAt":{"description":"The revocation date of certificate (if revoked).","format":"iso-datetime","type":"string"},"rootType":{"description":"Root type: \n * `GODADDY_SHA_1` - GoDaddy (Secure Hash Algorithm 1) SHA-1 root type\n * `GODADDY_SHA_2` - GoDaddy (Secure Hash Algorithm 2) SHA-2 root type\n * `STARFIELD_SHA_1` - Starfield SHA-1 root type\n * `STARFIELD_SHA_2` - Starfield SHA-2 root type\n","enum":["GODADDY_SHA_1","GODADDY_SHA_2","STARFIELD_SHA_1","STARFIELD_SHA_2"],"type":"string"},"serialNumber":{"description":"Serial number of certificate (if issued or revoked)","type":"string"},"serialNumberHex":{"description":"Hexadecmial format for Serial number of certificate(if issued or revoked)","type":"string"},"slotSize":{"description":"Number of subject alternative names (SAN) to be included in certificate (if UCC): \n * `FIVE` - Five slot UCC request\n * `TEN` - Ten slot UCC request\n * `FIFTEEN` - Fifteen slot UCC request\n * `TWENTY` - Twenty slot UCC request\n * `THIRTY` - Thirty slot UCC request\n * `FOURTY` - Fourty slot UCC request\n * `FIFTY` - Fifty slot UCC request\n * `ONE_HUNDRED` - One hundred slot UCC request\n","enum":["FIVE","TEN","FIFTEEN","TWENTY","THIRTY","FOURTY","FIFTY","ONE_HUNDRED"],"type":"string"},"status":{"description":"Certificate status (if issued or revoked): \n * `CANCELED` - Certificate request was canceled by customer\n * `DENIED` - Certificate request was denied by customer\\n * `EXPIRED` - Issued certificate has exceeded the valid end date\n * `ISSUED` - Certificate has been issued and is within validity period\n * `PENDING_ISSUANCE` - Certificate request has completed domain verification and is in the process of being issued\n * `PENDING_REKEY` - Previously issued certificate was rekeyed by customer and is in the process of being reissued\n * `PENDING_REVOCATION` - Previously issued certificate is in the process of being revoked\n * `REVOKED` - Issued certificate has been revoked\\n * `UNUSED` - Certificate in an error state\n","enum":["PENDING_ISSUANCE","ISSUED","REVOKED","CANCELED","DENIED","PENDING_REVOCATION","PENDING_REKEY","UNUSED","EXPIRED"],"type":"string"},"subjectAlternativeNames":{"description":"Subject Alternative names. Collection of subjectAlternativeNames to be included in certificate.","items":{"format":"domain","type":"string"},"type":"array","uniqueItems":true},"type":{"description":"Certificate type: \n * `DV_SSL` - (Domain Validated Secure Sockets Layer) SSL certificate validated using domain name only\n * `DV_WILDCARD_SSL` - SSL certificate containing subdomains which is validated using domain name only\n * `EV_SSL` - (Extended Validation) SSL certificate validated using organization information, domain name, business legal status, and other factors\n * `OV_CODE_SIGNING` - Code signing SSL certificate used by software developers to digitally sign apps. Validated using organization information\n * `OV_DRIVER_SIGNING` - Driver signing SSL certificate request used by software developers to digitally sign secure code for Windows hardware drivers. Validated using organization information\n * `OV_SSL` - SSL certificate validated using organization information and domain name\n * `OV_WILDCARD_SSL` - SSL certificate containing subdomains which is validated using organization information and domain name\n * `UCC_DV_SSL` - (Unified Communication Certificate) Multi domain SSL certificate validated using domain name only\n * `UCC_EV_SSL` - Multi domain SSL certificate validated using organization information, domain name, business legal status, and other factors\n * `UCC_OV_SSL` - Multi domain SSL certificate validated using organization information and domain name\n","enum":["DV_SSL","DV_WILDCARD_SSL","EV_SSL","OV_CODE_SIGNING","OV_DRIVER_SIGNING","OV_SSL","OV_WILDCARD_SSL","UCC_DV_SSL","UCC_EV_SSL","UCC_OV_SSL"],"type":"string"},"validEndAt":{"description":"The end date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"},"validStartAt":{"description":"The start date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"}},"required":["certificateId","commonName","period","type","status","createdAt","contact"]},"CertificateEmailHistory":{"properties":{"accountId":{"description":"Shopper Id requested certificate","type":"integer"},"body":{"description":"Email message","type":"string"},"dateEntered":{"description":"Date email sent","format":"iso-datetime","type":"string"},"fromType":{"description":"Email from address","type":"string"},"id":{"description":"Email Id","type":"integer"},"recipients":{"description":"Email address email was sent","type":"string"},"subject":{"description":"Email subject","type":"string"},"templateType":{"description":"Email template type name","type":"string"}},"required":["id","accountId","templateType","fromType","recipients","body","dateEntered","subject"]},"CertificateIdentifier":{"properties":{"certificateId":{"description":"The unique identifier of the certificate request. Only present if verified.","type":"string"}},"required":["certificateId"]},"CertificateOrganization":{"properties":{"address":{"$ref":"#/components/schemas/CertificateAddress"},"assumedName":{"description":"Only for EVSSL. The DBA(does business as) name for the organization.","type":"string"},"jurisdictionOfIncorporation":{"$ref":"#/components/schemas/JurisdictionOfIncorporation"},"name":{"description":"Name of organization that owns common name","type":"string"},"phone":{"description":"Phone number for organization","type":"string"},"registrationAgent":{"description":"Only for EVSSL.","type":"string"},"registrationNumber":{"description":"Only for EVSSL.","type":"string"}},"required":["name","phone","address"]},"CertificateOrganizationCreate":{"properties":{"address":{"$ref":"#/components/schemas/CertificateAddress"},"assumedName":{"description":"Only for EVSSL. The DBA(does business as) name for the organization.","type":"string"},"name":{"description":"Name of organization that owns common name","type":"string"},"phone":{"description":"Phone number for organization","type":"string"},"registrationAgent":{"description":"Only for EVSSL.","type":"string"},"registrationNumber":{"description":"Only for EVSSL.","type":"string"}},"required":["name","phone"]},"CertificateReissue":{"properties":{"callbackUrl":{"description":"Required if client would like to receive stateful action via callback during certificate lifecyle","type":"string"},"commonName":{"default":"Existing common name","description":"The common name of certificate to be secured","type":"string"},"csr":{"default":"Existing CSR","description":"Certificate Signing Request.","type":"string"},"delayExistingRevoke":{"default":72,"description":"In hours, time to delay revoking existing certificate after issuance of new certificate. If revokeExistingCertOnIssuance is enabled, this value will be ignored","maximum":168,"type":"integer"},"forceDomainRevetting":{"description":"Optional field. Domain verification will be required for each domain listed here. Specify a value of * to indicate that all domains associated with the request should have their domain information reverified.","items":{"type":"string"},"type":"array","uniqueItems":true},"rootType":{"default":"GODADDY_SHA_1","description":"Root Type. Depending on certificate expiration date, SHA_1 not be allowed. Will default to SHA_2 if expiration date exceeds sha1 allowed date","enum":["GODADDY_SHA_1","GODADDY_SHA_2","STARFIELD_SHA_1","STARFIELD_SHA_2"],"type":"string"},"subjectAlternativeNames":{"description":"Only used for UCC products. An array of subject alternative names to include in certificate.","items":{"type":"string"},"type":"array","uniqueItems":true}}},"CertificateRenew":{"properties":{"callbackUrl":{"description":"Required if client would like to receive stateful actions via callback during certificate lifecyle","type":"string"},"commonName":{"default":"Existing common name","description":"The common name of certificate to be secured","type":"string"},"csr":{"default":"Existing CSR","description":"Certificate Signing Request.","type":"string"},"period":{"default":0,"description":"Number of years for certificate validity period, if different from previous certificate","type":"integer"},"rootType":{"default":"GODADDY_SHA_1","description":"Root Type. Depending on certificate expiration date, SHA_1 not be allowed. Will default to SHA_2 if expiration date exceeds sha1 allowed date","enum":["GODADDY_SHA_1","GODADDY_SHA_2","STARFIELD_SHA_1","STARFIELD_SHA_2"],"type":"string"},"subjectAlternativeNames":{"description":"Only used for UCC products. An array of subject alternative names to include in certificate. Not including a subject alternative name that was in the previous certificate will remove it from the renewed certificate.","items":{"type":"string"},"type":"array","uniqueItems":true}}},"CertificateRevoke":{"properties":{"reason":{"description":"Reason for revocation","enum":["AFFILIATION_CHANGED","CESSATION_OF_OPERATION","KEY_COMPROMISE","PRIVILEGE_WITHDRAWN","SUPERSEDED"],"type":"string"}},"required":["reason"]},"CertificateSiteSeal":{"properties":{"html":{"description":"Certificate Seal HTML","type":"string"}},"required":["html"]},"CertificateSummariesV2":{"properties":{"certificates":{"description":"List of certificates for a specified customer.","items":{"$ref":"#/components/schemas/CertificateSummaryV2"},"type":"array"},"pagination":{"$ref":"#/components/schemas/Pagination"}},"required":["certificates","pagination"]},"CertificateSummaryV2":{"properties":{"certificateId":{"description":"The unique identifier of the certificate request.","type":"string"},"commonName":{"description":"Common name for the certificate request.","format":"domain","type":"string"},"completedAt":{"description":"The date the certificate request completed processing (if issued or revoked).","format":"iso-datetime","type":"string"},"createdAt":{"description":"Date that the certificate request was received.","format":"iso-datetime","type":"string"},"period":{"description":"Validity period of order. Specified in years.","type":"integer"},"renewalAvailable":{"description":"Only returned when a renewal is available.","type":"boolean"},"revokedAt":{"description":"The revocation date of certificate (if revoked).","format":"iso-datetime","type":"string"},"serialNumber":{"description":"Serial number of certificate (if issued or revoked).","type":"string"},"slotSize":{"description":"Number of subject alternative names (SAN) to be included in certificate (if UCC): \n * `FIVE` - Five slot UCC request\n * `TEN` - Ten slot UCC request\n * `FIFTEEN` - Fifteen slot UCC request\n * `TWENTY` - Twenty slot UCC request\n * `THIRTY` - Thirty slot UCC request\n * `FOURTY` - Fourty slot UCC request\n * `FIFTY` - Fifty slot UCC request\n * `ONE_HUNDRED` - One hundred slot UCC request\n","enum":["FIVE","TEN","FIFTEEN","TWENTY","THIRTY","FOURTY","FIFTY","ONE_HUNDRED"],"type":"string"},"status":{"description":"Certificate status (if issued or revoked): \n * `CANCELED` - Certificate request was canceled by customer\n * `DENIED` - Certificate request was denied by customer\n * `EXPIRED` - Issued certificate has exceeded the valid end date\n * `ISSUED` - Certificate has been issued and is within validity period\n * `PENDING_ISSUANCE` - Certificate request has completed domain verification and is in the process of being issued\n * `PENDING_REKEY` - Previously issued certificate was rekeyed by customer and is in the process of being reissued\n * `PENDING_REVOCATION` - Previously issued certificate is in the process of being revoked\n * `REVOKED` - Issued certificate has been revoked\n * `UNUSED` - Certificate in an error state\n","enum":["ISSUED","CANCELED","DENIED","EXPIRED","PENDING_ISSUANCE","PENDING_REKEY","PENDING_REVOCATION","REVOKED","UNUSED"],"type":"string"},"subjectAlternativeNames":{"description":"Subject Alternative names (if UCC). Collection of subjectAlternativeNames to be included in certificate.","format":"domain","items":{"type":"string"},"type":"array","uniqueItems":true},"type":{"description":"Certificate type: \n * `DV_SSL` - (Domain Validated Secure Sockets Layer) SSL certificate validated using domain name only\n * `DV_WILDCARD_SSL` - SSL certificate containing subdomains which is validated using domain name only\n * `EV_SSL` - (Extended Validation) SSL certificate validated using organization information, domain name, business legal status, and other factors\n * `OV_CODE_SIGNING` - Code signing SSL certificate used by software developers to digitally sign apps. Validated using organization information\n * `OV_DRIVER_SIGNING` - Driver signing SSL certificate request used by software developers to digitally sign secure code for Windows hardware drivers. Validated using organization information\n * `OV_SSL` - SSL certificate validated using organization information and domain name\n * `OV_WILDCARD_SSL` - SSL certificate containing subdomains which is validated using organization information and domain name\n * `UCC_DV_SSL` - (Unified Communication Certificate) Multi domain SSL certificate validated using domain name only\n * `UCC_EV_SSL` - Multi domain SSL certificate validated using organization information, domain name, business legal status, and other factors\n * `UCC_OV_SSL` - Multi domain SSL certificate validated using organization information and domain name\n","enum":["DV_SSL","DV_WILDCARD_SSL","EV_SSL","OV_CODE_SIGNING","OV_DRIVER_SIGNING","OV_SSL","OV_WILDCARD_SSL","UCC_DV_SSL","UCC_EV_SSL","UCC_OV_SSL"],"type":"string"},"validEndAt":{"description":"The end date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"},"validStartAt":{"description":"The start date of the certificate's validity (if issued or revoked).","format":"iso-datetime","type":"string"}},"required":["certificateId","commonName","period","type","createdAt","status"]},"DomainVerificationDetail":{"allOf":[{"$ref":"#/components/schemas/DomainVerificationSummary"},{"properties":{"certificateAuthorityAuthorization":{"description":"Contains information about the last Certificate Authority Authorization (CAA) Lookup details for the specified domain.\n\nIn order for a domain to be eligible to be included in the certificate, the entire domain hierarchy must be scanned for DNS CAA records, as outlined by RFC 6844.\n\nThe absence of any CAA records found in the domain hierarchy indicates that the domain may be included in the certificate. Alternatively, if CAA records are found when scanning the domain hierarchy, the domain may be included in the certificate as long as `godaddy.com` or `starfieldtech.com` is found in the DNS record value. However, if CAA records are found, yet `godaddy.com` or `starfieldtech.com` is not found in any CAA record's value, then we must drop the domain from the certificate request.\n\nIn the case where there are repeated DNS errors when scanning the domain hierarchy for CAA records, thus ending in an unsuccessful scan, then the domain can still be included in the certificate provided the primary domain is not setup with DNSSEC. Conversely, if DNSSEC is found to be setup on the primary domain when scanning following repeated CAA failures, the domain must be dropped from the certificate request. Finally, if DNS errors persist to the point where a successful DNSSEC query could not be obtained, then the domain must be dropped from the certificate request.\n","properties":{"completedAt":{"description":"The date the certificate request completed processing.","format":"iso-datetime","type":"string"},"queryPaths":{"description":"Details all the individual DNS paths that were scanned for CAA records for this domain, as detailed by RFC 6844. This element not only contains the parts determined from parsing the domain, but also any CNAME or DNAME targets specified by any of those individual parts.","items":{"type":"string"},"type":"array"},"recommendations":{"description":"Returns a list of fix recommendations if the query was unsuccessful, or if the domain was dropped from the certificate request, so that a subsequent certificate request with the specified domain will successfully pass its CAA scan.","items":{"description":"* `ADD_CA_TO_CAA` - The system found a CAA record in the domain hierarchy, but it did not find our CA in the record's values. Add `godaddy.com` or `starfieldtech.com` to the CAA record's values.\n* `CREATE_TARGET_DOMAIN_CAA` - Create a CAA record on the specified domain with `godaddy.com` or `starfieldtech.com` as the value. If the system finds a CAA record in the specified domain, it will stop scanning the domain hierarchy, thereby preventing potentially problematic parent domain paths from being scanned.\n* `DISABLE_DNSSEC` - Disable DNSSEC on the domain if CAA lookups fail and a DNSSEC scan is being used as the method for determining if the specified domain can remain in the certificate request.\n* `FIX_CRITICAL_TAG` - When setting the critical flag in a CAA record, you must ensure you're using a well-known tag, per RFC 6844.\n* `VALIDATE_SOA` - Make sure all queryPaths for the specified domain have an SOA record pointing to a valid publicly-accessible nameserver and respond in a timely fashion.\n","enum":["ADD_CA_TO_CAA","CREATE_TARGET_DOMAIN_CAA","DISABLE_DNSSEC","FIX_CRITICAL_TAG","VALIDATE_SOA"],"type":"string"},"type":"array"},"status":{"description":"Returns the status of the CAA Lookup for the specified domain:\n* `PENDING` - The CAA lookup has not yet been attempted for the specified domain.\n* `REMOVED_DNS_ERROR` - Repeated errors occurred while scanning for CAA records, thereby resulting in a DNSSEC scan. DNS errors then prevented the system from determining if DNSSEC was enabled for the specified domain, and it had to be removed from the certificate request.\n* `REMOVED_DNSSEC_ENABLED` - Repeated errors occurred while scanning for CAA records, thereby resulting in a DNSSEC scan. DNSSEC was determined to be enabled for the specified domain, and it had to be removed from the certificate request.\n* `REMOVED_NOT_FOUND_CA` - CAA records were found during the CAA lookup for the speicified domain, but `godaddy.com` or `starfieldtech.com` was not listed as a value, thereby not allowing us to issue a certificate with this domain. The specified domain was removed from the certificate request.\n* `REMOVED_UNKNOWN_CRITICAL_TAG` - A CAA record was found during the CAA lookup with its Critical bit set, as outlined by RFC 6844, yet the Tag of the CAA record was not understood (as outlined by RFC 6844). The specified domain was removed from the certificate request.\n* `SUCCESS_CAA` - The CAA lookup was successful for the specified domain, and the domain can remain in the certificate request.\n* `SUCCESS_DNSSEC` - Repeated errors occurred while scanning for CAA records, thereby resulting in a DNSSEC scan. The system detemined that DNSSEC was not enabled for the specified domain, so the domain is allowed to remain in the certificate request.\n","enum":["PENDING","REMOVED_DNS_ERROR","REMOVED_DNSSEC_ENABLED","REMOVED_NOT_FOUND_CA","REMOVED_UNKNOWN_CRITICAL_TAG","SUCCESS_CAA","SUCCESS_DNSSEC"],"type":"string"}},"type":"object"}},"type":"object"}]},"DomainVerificationSummary":{"properties":{"createdAt":{"description":"Timestamp indicating when the domain verification process was started","format":"iso-datetime","type":"string"},"dceToken":{"description":"DCE verification type token (if DCE verification type).","type":"string"},"domain":{"description":"Domain name","format":"domain","type":"string"},"domainEntityId":{"description":"A unique identifier that can be leveraged for retrieving domain verification related information. Primarily used when troubleshooting a request","type":"integer"},"modifiedAt":{"description":"Timestamp indicating when the domain verification process was last updated","format":"iso-datetime","type":"string"},"status":{"description":"Domain verification status: \n * `AWAITING` - Verification pending customer input\n * `INVALID` - SAN connected to a cancelled request\n * `COMPLETED` - Verification completed\n * `FAILED_VERIFICATION` - Verification failed\n * `PENDING_POSSIBLE_FRAUD` - Flagged for a system level fraud review\n * `VERIFIED_POSSIBLE_FRAUD` - Fraud detection reviewed but verified\n * `DROPPED` - SAN dropped from request\n * `REVOKED_CERT` - Certificate revoked\n * `DROPPED_GOOGLE_SAFE_BROWSING` - SAN dropped from request due to Google Safe Browsing check\n * `DROPPED_CERTIFICATE_AUTHORITY_AUTHORIZATION` - SAN dropped from request due to Certificate Authorization Authority DNS record check\n","enum":["COMPLETED","FAILED_VERIFICATION","VERIFIED_POSSIBLE_FRAUD","DROPPED","DROPPED_CERTIFICATE_AUTHORITY_AUTHORIZATION","DROPPED_GOOGLE_SAFE_BROWSING","INVALID","AWAITING","PENDING_POSSIBLE_FRAUD","REVOKED_CERTIFICATE"],"type":"string"},"type":{"description":"Domain verification type: \n * `AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_ADMIN` - Domain verified using domain control verification email sent to admin@\n * `AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_ADMINSTRATOR` - Domain verified using domain control verification email sent to administrator@\n * `AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_HOST_MASTER` - Domain verified using domain control verification email sent to hostmaster@\n * `AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_POST_MASTER` - Domain verified using domain control verification email sent to postmaster@\n * `AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_WEB_MASTER` - Domain verified using domain control verification email sent to webmaster@\n * `DOMAIN_ACCESS_EMAIL` - Domain verified using a domain access email\n * `DOMAIN_ACCESS_LETTER` - Customer completed a domain access letter which was used for domain verification\n * `DOMAIN_CONTROL_EMAIL` - Domain verified using HTML file or DNS zone file text value\n * `DOMAIN_ZONE_CONTROL` - DNS zone file containing a pre-generated text value used for domain verification\n * `MANUAL_DOMAIN_ACCESS_EMAIL` - DAE sent to an email address manually entered by a rep\n * `PREVIOUS_DOMAIN_ACCESS_EMAIL` - Customers domain access email for a prior certificate request was used for domain verification\n * `REGISTRATION_AUTHORITY_DOMAIN_ACCESS_LETTER` - Representative reviewed a customer provided domain access letter and verified domain\n * `REGISTRATION_AUTHORITY_DOMAIN_ZONE_CONTROL` - Representative verified domain using a manual domain zone control check\n * `REGISTRATION_AUTHORITY_OVERRIDE` - Representative verified domain using alternative methods\n * `REGISTRATION_AUTHORITY_WEBSITE_CONTROL` - Representative verified domain using a manual website control check\n * `CUSTOMER_OWNED` - Validated customer account information used for domain control verification\n * `WEBSITE_CONTROL` - HTML file in root website directory containing pre-generated value used for domain control verification\n","enum":["DOMAIN_CONTROL_EMAIL","AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_ADMIN","AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_ADMINSTRATOR","AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_HOST_MASTER","AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_POST_MASTER","AUTO_GENERATED_DOMAIN_ACCESS_EMAIL_WEB_MASTER","DOMAIN_ACCESS_EMAIL","DOMAIN_ACCESS_LETTER","DOMAIN_ZONE_CONTROL","MANUAL_DOMAIN_ACCESS_EMAIL","PREVIOUS_DOMAIN_ACCESS_EMAIL","REGISTRATION_AUTHORITY_DOMAIN_ACCESS_LETTER","REGISTRATION_AUTHORITY_DOMAIN_ZONE_CONTROL","REGISTRATION_AUTHORITY_OVERRIDE","REGISTRATION_AUTHORITY_WEBSITE_CONTROL","CUSTOMER_OWNED","WEBSITE_CONTROL"],"type":"string"},"usage":{"description":"Type of domain name used for domain verification","enum":["COMMON_NAME","SUBJECT_ALTERNATIVE_NAME"],"type":"string"}},"required":["domain","domainEntityId","status","createdAt","modifiedAt","type","usage"]},"Error":{"properties":{"code":{"description":"Short identifier for the error, suitable for indicating the specific error within client code","format":"constant","type":"string"},"fields":{"description":"List of the specific fields, and the errors found with their contents","items":{"$ref":"#/components/schemas/ErrorField"},"type":"array"},"message":{"description":"Description of the error","type":"string"}},"required":["code"]},"ErrorField":{"properties":{"code":{"description":"Short identifier for the error, suitable for indicating the specific error within client code","format":"constant","type":"string"},"message":{"description":"Description of the problem with the contents of the field","type":"string"},"path":{"description":"JSONPath referring to the field within the submitted data containing an error","format":"json-path","type":"string"}},"required":["path","code"]},"ErrorLimit":{"additionalProperties":false,"allOf":[{"properties":{"retryAfterSec":{"description":"Number of seconds to wait before attempting a similar request","format":"integer-positive","type":"integer"}},"required":["retryAfterSec"],"type":"object"},{"$ref":"#/components/schemas/Error"}],"x-error-model":true},"ExternalAccountBinding":{"properties":{"directoryUrl":{"description":"ACME directory resource URL.","format":"url","type":"string"},"hmacKey":{"description":"EAB HMAC key for the ACME account","type":"string"},"keyId":{"description":"EAB key identifier for the ACME account.","type":"string"}},"required":["directoryUrl","keyId","hmacKey"]},"JurisdictionOfIncorporation":{"properties":{"city":{"type":"string"},"country":{"format":"iso-country-code","type":"string"},"county":{"type":"string"},"state":{"type":"string"}},"required":["country"]},"PEMCertificates":{"properties":{"certificate":{"description":"End entity certificate in PEM format","type":"string"},"cross":{"description":"CA Cross Intermediate certificate in PEM format","type":"string"},"intermediate":{"description":"CA Signing Intermediate certificate in PEM format","type":"string"},"root":{"description":"CA Root certificate in PEM format","type":"string"}},"required":["certificate"]},"Pagination":{"properties":{"first":{"description":"URI to access the first page","type":"string"},"last":{"description":"URI to access the last page","type":"string"},"next":{"description":"URI to access the next page","type":"string"},"previous":{"description":"URI to access the previous page","type":"string"},"total":{"description":"Number of records available","type":"integer"}},"type":"object"},"SubjectAlternativeNameDetails":{"properties":{"status":{"description":"Total number of page results","enum":["PENDING","INVALID","COMPLETED","FRAUD"],"type":"string"},"subjectAlternativeName":{"description":"Subject alternative name to be included in certificate","type":"string"}},"required":["subjectAlternativeName","status"]}}}}