Guides

parse_csr

Parses the CSR and identifies its data elements.

Suggest Edits

Request parameters for parse_csr

Standard parameters

  • action = parse_csr
  • object = trust_service

Attributes

Parameters within the attributes associative array are described below.

Parameter nameObligationDefinition/Value
csrRequiredA Certificate Signing Request for the required SSL Certificate.

Note: All certificates require 2048 bit CSRs; however, Symantec will accept 1024 bit CSRs for certificates with expiry dates prior to December 31,
2013, except for EV certs, which require 2048, regardless of the term.
product_typeRequiredThe product type from the SSL Certificate inventory.

Allowed values are:

comodo_ev

 comodo_instantssl

comodo_premiumssl

 comodo_premiumssl_wildcard

comodo_ssl

 comodo_wildcard

essentialssl

 essentialssl_wildcard

positivessl

 quickssl

quickssl_premium

 rapidssl

securesite

 securesite_pro

securesite_ev

 securesite_pro_ev

sgcsuper_certs

 ssl123

sslwebserver

 sslwebserver_wildcard

sslwebserver_ev

 symantec_ssl_lite

symantec_ssl_lite_wildcard

 truebizid

truebizid_wildcard

 truebizid_ev

trustwave_dv

 trustwave_ev

trustwave_premiumssl
 trustwave_premiumssl_wildcard

Response parameters for parse_csr

Standard parameters

  • action = reply
  • object = trust_service
  • is_success = a Boolean is returned, indicating success or failure of the
    request
  • response_code = response code indicating outcome of the request
  • response_text = message describing the outcome of the request

Attributes

If the request is successful, the attributes associative array may include the
following:

Parameter nameObligationDefinition/Value
csr_dataReturned if is_success = trueA list of the data elements of the CSR. For more information, see the csr_data table.
dv_auth_details

csr_data

Parameters within the csr_data associative array are described below.

Parameter nameObligationDefinition/Value
countryAlways returnedThe country specified in the CSR.
domainAlways returnedThe domain specified in the CSR.
emailAlways returnedThe email address specified in the CSR.
has_bad_extensionsAlways returnedIndicates whether the CSR contains any unsupported extensions.

Allowed values are:

0—The CSR can be used.

 1— Re-generate the CSR without the unsupported extensions.
localityAlways returnedThe city specified in the CSR.
organizationAlways returnedThe organization specified in the CSR
organization_unitAlways returnedThe organization unit specified in the CSR.
stateAlways returnedThe state specified in the CSR.
valid_quick_domainReturned for QuickSSL Certificates onlyIndicates whether the CSR is valid for QuickSSL certificates.
Allowed values are:

0—No
 1—Yes
valid_true_domainReturned for True BusinessID Certificates onlyIndicates whether the CSR is valid for True BusinessID certificates.

Allowed values:

0—No
 1—Yes

Examples for parse_csr

Example 1

Request 

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">parse_csr</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="product_type">quickssl</item>
                        <item key="csr">-----BEGIN CERTIFICATE REQUEST----- MIIBqTCCARICAQAwaTELMAkGA1UEBhMCQ0ExCzAJBgNVBAgTAm9uMRAwDgYDVQQH
                            Ewd0b3JvbnRvMQ8wDQYDVQQKEwZ0dWNvd3MxCzAJBgNVBAsTAnFhMR0wGwYDVQQD ExR3d3cucWFyZWdyZXNzaW9uLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEAz+hbqqnE5BSW0THf7txxsJxF8Vtca2uL52iutI1SRTm9J6NNtAjgMbL9upOm SFnObpWKriUIlvxKrecygGWkjiMeyU/F6auAS9/vwDdxYEVT2szK+Q2At1FgU433 Pds53v2J/vyB6SL+k/w54H2gF4ORpU1hjUggo7fM353TeeMCAwEAAaAAMA0GCSqG SIb3DQEBBAUAA4GBAIYvVThVeocN7N7HbsO/au9AXnx6LULQ5LMDWx6FlyBB5g9h 5HYZa6xieYCYDxYIsjLjR3qx1BWl9+0kSL2MW4EdDPzbcrZvHAtrw2/hPrm9EGA3 2w3a26W79N3clCkrahnpcNFLFyzU3CtZASJ+VuixGXTEkdiBAliqtGp+QBhf -----END CERTIFICATE REQUEST-----</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response 

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="csr_data">
                            <dt_assoc>
                                <item key="country">US</item>
                                <item key="organization_unit">QA</item>
                                <item key="valid_true_domain">1</item>
                                <item key="state">CA</item>
                                <item key="locality">Santa Clara</item>
                                <item key="email" />
                                <item key="domain">www.example.com</item>
                                <item key="valid_quick_domain">1</item>
                                <item key="has_bad_extensions">0</item>
                                <item key="organization">Example Inc.</item>
                            </dt_assoc>
                        </item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Example 2

For Comodo Domain-Vetted SSL Certificates

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="csr_data">
                            <dt_assoc>
                                <item key="country">US</item>
                                <item key="organization_unit">QA</item>
                                <item key="valid_true_domain">1</item>
                                <item key="state">CA</item>
                                <item key="locality">Santa Clara</item>
                                <item key="email" />
                                <item key="domain">www.example.com</item>
                                <item key="valid_quick_domain">1</item>
                                <item key="has_bad_extensions">0</item>
                                <item key="organization">Example Inc.</item>
                            </dt_assoc>
                        </item>
                        <item key="dv_auth_details">
                            <dt_assoc>
                                <item key="file_name">CCA14620B14A3A0A2BBBCDAEBB9B4402.txt</item>
                                <item key="file_contents">6009865A908659B5A40E802BBBFB3DD71FE49A15
                                    comodoca.com</item>
                                <item key="dns_entry">CCA14620B14A3A0A2BBBCDAEBB9B4402.qaregression.org       CNAME 6009865A908659B5A40E802BBBFB3DD71FE49A15.comodoca.com</item>
                            </dt_assoc>
                        </item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Updated about 7 years ago