parse_csr

Parses the CSR and identifies its data elements.

Request parameters for parse_csr

Standard parameters

  • action = parse_csr
  • object = trust_service

Attributes

Parameters within the attributes associative array are described below.

Parameter name

Obligation

Definition/Value

csr

Required

A Certificate Signing Request for the required SSL Certificate.

Note: All certificates require 2048 bit CSRs; however, Symantec will accept 1024 bit CSRs for certificates with expiry dates prior to December 31,
2013, except for EV certs, which require 2048, regardless of the term.

product_type

Required

The product type from the SSL Certificate inventory.

Allowed values are:

  • comodo_ev

  • comodo_instantssl

  • comodo_premiumssl

  • comodo_premiumssl_wildcard

  • comodo_ssl

  • comodo_wildcard

  • essentialssl

  • essentialssl_wildcard

  • positivessl

  • quickssl

  • quickssl_premium

  • rapidssl

  • securesite

  • securesite_pro

  • securesite_ev

  • securesite_pro_ev

  • sgcsuper_certs

  • ssl123

  • sslwebserver

  • sslwebserver_wildcard

  • sslwebserver_ev

  • symantec_ssl_lite

  • symantec_ssl_lite_wildcard

  • truebizid

  • truebizid_wildcard

  • truebizid_ev

  • trustwave_dv

  • trustwave_ev

  • trustwave_premiumssl

  • trustwave_premiumssl_wildcard

Response parameters for parse_csr

Standard parameters

  • action = reply
  • object = trust_service
  • is_success = a Boolean is returned, indicating success or failure of the
    request
  • response_code = response code indicating outcome of the request
  • response_text = message describing the outcome of the request

Attributes

If the request is successful, the attributes associative array may include the
following:

Parameter name

Obligation

Definition/Value

csr_data

Returned if is_success = true

A list of the data elements of the CSR. For more information, see the csr_data table.

dv_auth_details

csr_data

Parameters within the csr_data associative array are described below.

Parameter name

Obligation

Definition/Value

country

Always returned

The country specified in the CSR.

domain

Always returned

The domain specified in the CSR.

email

Always returned

The email address specified in the CSR.

has_bad_extensions

Always returned

Indicates whether the CSR contains any unsupported extensions.

Allowed values are:

  • 0—The CSR can be used.

  • 1— Re-generate the CSR without the unsupported extensions.

locality

Always returned

The city specified in the CSR.

organization

Always returned

The organization specified in the CSR

organization_unit

Always returned

The organization unit specified in the CSR.

state

Always returned

The state specified in the CSR.

valid_quick_domain

Returned for QuickSSL Certificates only

Indicates whether the CSR is valid for QuickSSL certificates.
Allowed values are:

  • 0—No
  • 1—Yes

valid_true_domain

Returned for True BusinessID Certificates only

Indicates whether the CSR is valid for True BusinessID certificates.

Allowed values:

  • 0—No
  • 1—Yes

Examples for parse_csr

Example 1

Request

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">parse_csr</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="product_type">quickssl</item>
                        <item key="csr">-----BEGIN CERTIFICATE REQUEST----- MIIBqTCCARICAQAwaTELMAkGA1UEBhMCQ0ExCzAJBgNVBAgTAm9uMRAwDgYDVQQH
                            Ewd0b3JvbnRvMQ8wDQYDVQQKEwZ0dWNvd3MxCzAJBgNVBAsTAnFhMR0wGwYDVQQD ExR3d3cucWFyZWdyZXNzaW9uLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEAz+hbqqnE5BSW0THf7txxsJxF8Vtca2uL52iutI1SRTm9J6NNtAjgMbL9upOm SFnObpWKriUIlvxKrecygGWkjiMeyU/F6auAS9/vwDdxYEVT2szK+Q2At1FgU433 Pds53v2J/vyB6SL+k/w54H2gF4ORpU1hjUggo7fM353TeeMCAwEAAaAAMA0GCSqG SIb3DQEBBAUAA4GBAIYvVThVeocN7N7HbsO/au9AXnx6LULQ5LMDWx6FlyBB5g9h 5HYZa6xieYCYDxYIsjLjR3qx1BWl9+0kSL2MW4EdDPzbcrZvHAtrw2/hPrm9EGA3 2w3a26W79N3clCkrahnpcNFLFyzU3CtZASJ+VuixGXTEkdiBAliqtGp+QBhf -----END CERTIFICATE REQUEST-----</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="csr_data">
                            <dt_assoc>
                                <item key="country">US</item>
                                <item key="organization_unit">QA</item>
                                <item key="valid_true_domain">1</item>
                                <item key="state">CA</item>
                                <item key="locality">Santa Clara</item>
                                <item key="email" />
                                <item key="domain">www.example.com</item>
                                <item key="valid_quick_domain">1</item>
                                <item key="has_bad_extensions">0</item>
                                <item key="organization">Example Inc.</item>
                            </dt_assoc>
                        </item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Example 2

For Comodo Domain-Vetted SSL Certificates

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="csr_data">
                            <dt_assoc>
                                <item key="country">US</item>
                                <item key="organization_unit">QA</item>
                                <item key="valid_true_domain">1</item>
                                <item key="state">CA</item>
                                <item key="locality">Santa Clara</item>
                                <item key="email" />
                                <item key="domain">www.example.com</item>
                                <item key="valid_quick_domain">1</item>
                                <item key="has_bad_extensions">0</item>
                                <item key="organization">Example Inc.</item>
                            </dt_assoc>
                        </item>
                        <item key="dv_auth_details">
                            <dt_assoc>
                                <item key="file_name">CCA14620B14A3A0A2BBBCDAEBB9B4402.txt</item>
                                <item key="file_contents">6009865A908659B5A40E802BBBFB3DD71FE49A15
                                    comodoca.com</item>
                                <item key="dns_entry">CCA14620B14A3A0A2BBBCDAEBB9B4402.qaregression.org       CNAME 6009865A908659B5A40E802BBBFB3DD71FE49A15.comodoca.com</item>
                            </dt_assoc>
                        </item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>