API: OpenSRS

OpenSRS API Guide: Domains and SSL

Welcome to the OpenSRS API guide. Here you will find comprehensive documentation regarding our domain and SSL services. We hope this guide will help you start working with OpenSRS as quickly as possible. If you have any questions or concerns, please do not hesitate to contact help@opensrs.com

Get Started

update_order

Submits a SSL Service order update to the OpenSRS system. When updating existing SSL Service orders, the general rules are:

  • Include the parameters and values that you want to change.
  • To remove a remove a value, submit the parameter with an empty value
  • Omit any parameters that you do not want to change.

NOTE:

This command can only be used on pending orders.

Important: If you are using this command to add or change the additional domains for a SAN certificate order, you must specify all of the domains that will be secured by the certificate. The additional_domains list specified in this command overwrites the additional_domains list in the original order.

Request parameters for update_order

Standard parameters

  • action = update_order
  • object = trust_service

Attributes

Parameters within the attributes associative array are described below.

Parameter name
Obligation
Definition/Value

additional_domains

Optional. May be used for SAN certificates.

The list of additional domains or other entities (other than the primary domain) that will be secured by the SSL certificate.

This list overwrites the previous list in the order, so be sure to specify all of the domains that you want to secure with this certificate. For more information, see Request parameters for sw_register (trust_service).

approver_email

Optional

The email of one of the individuals who can approve the SSL Service order. The SSL Service provider sends the approver email to the address that you specify.

contact_set

Optional

The SSL Certificate contact information.

Most products require: admin, billing and
tech contacts.

For admin, tech, and billing contacts for thawte, Symantec, and all EV certificates, title is required.

For Symantec certificates, organization, address, city, state/province, postal code, and country are required for admin and tech contacts.

All organization vetted certificates require an organization contact.

csr

Optional

The certificate signing request for the required certificate. The SSL Service provider uses this information to generate the certificate.

Note: All certificates require 2048 bit CSRs; however, Symantec will accept 1024 bit CSRs for certificates with expiry dates prior to December 31, 2013, except for EV certs, which require 2048, regardless of the term.

dv_auth_method

Optional

Allows you to specify how you want to validate the certificate. Allowed values are:

  • File
  • DNS
  • Email

Note: Default value is email.

end_user_auth_info

Optional - used only for SiteLock and TRUSTe

Specify the username and password that the end user will use to log in to the Domain Admin interface where they can manage their account. The login credentials will be sent to the specified email_address. If you resend the Domain Admin login information (through the Control Panel), this is the address to which the Domain Admin login credentials are sent.

Please note the following conditions:

  • If you specify username and password and the user already exists, the command will fail.

  • If you specify username but not password, and the user does not already exist, the user credentials cannot be created and the command will fail.

  • If you specify username but not password, and the user already exists, the service will be associated with the existing end user profile.

If you want to associate the SSL Service product with an existing account, you only need to include the username value.

For more information see the End user auth info table below.

order_id

Required

The ID of the SSL Service order.

period

Optional

The number of years of the registration period. Allowed values are 1 – 4, depending on the SSL Service that is ordered.

  • comodo_ev—1to 2
    • comodo_instantssl—1to 4
    • comodo_premiumssl—1to 4
    • comodo_premiumssl_wildcard—1to 4
    • comodo_ssl—1to 4
    • comodo_wildcard—1 to 4
    • malwarescan—1
    • quickssl—1to 4
    • quickssl_premium—1to 4
    • quickssl_premium_san —1to 4
    • rapidssl — 1 to 3
    • rapidssl_wildcard — 1 to 3
    • securesite—1to 4
    • securesite_ft—1
    • securesite_ev—1 to 2
    • securesite_ev_ft—1
    • securesite_pro—1 to 4
    • securesite_pro_ft—1
    • securesite_pro_ev—1 to 2
    • securesite_pro_ev_ft—1
    • securesite_pro_ev_san—1 to 2
    • securesite_pro_san —1 to 4
    • securesite_san—1to 4
    • symantec_csc —1to 3
    • securesite_ev_san—1 to 2
    • sgcsuper_certs—1to 4
    • sitelock_basic—1
    • sitelock_premium—1
    • sitelock_enterprise—1
    • sitelock_find—1
    • sitelock_fix—1
    • sitelock_prevent—1
    • sitelock_911—1
    • ssl123—1 to 3
    • sslwebserver—1 to 3
    • sslwebserver_ev—1 to 2
    • sslwebserver_ev_san—1 to 2
    • sslwebserver_san—1 to 3
    • sslwebserver_wildcard—1 to 2
    • symantec_ssl_lite—1
    • symantec_ssl_lite_wildcard—1
    • truebizid—1to 2
    • truebizid_ev—1 to 2
    • truebizid_ev_ft—1
    • truebizid_ev_san—1 to 2
    • truebizid_san—1to 2
    • truebizid_wildcard—1 to 3
    • thawte_csc —1 to 2
    • trustwave_dv—1 to 3
    • trustwave_ev—1 to 2
    • trustwave_ev_san5—1 to 2
    • trustwave_premiumssl—1 to 3
    • trustwave_premiumssl_san5 —1 to 3
    • trustwave_premiumssl_wildcard—1 to 3

product_type

Optional

The product type from the SSL Certificate inventory. The product types are detailed in the allowed values section for this key.

Allowed values are:

  • comodo_ev

  • comodo_instantssl

  • comodo_premiumssl

  • comodo_premiumssl_wildcard

  • comodo_ssl

  • comodo_wildcard

  • malwarescan

  • quickssl

  • quickssl_premium

  • securesite

  • securesite_pro

  • securesite_ev

  • securesite_pro_ev

  • sgcsuper_certs

  • sitelock_basic

  • sitelock_premium

  • sitelock_enterprise

  • sitelock_find

  • sitelock_fix

  • sitelock_prevent

  • sitelock_911

  • ssl123

  • sslwebserver

  • sslwebserver_wildcard

  • sslwebserver_ev

  • symantec_ssl_lite

  • symantec_ssl_lite_wildcard

  • truebizid

  • truebizid_wildcard

  • truebizid_ev

  • truste_hpp(HostedPrivacyPolicy)

  • truste_tps(TRUSTEPrivacyPolicy
    with seal)

  • trustwave_dv

  • trustwave_ev

  • trustwave_premiumssl

  • trustwave_premiumssl_wildcard

reg_type

Optional

The type of registration being requested:

  • new—Submit a new or SSL Service order.

  • renew—Renew a SSL Service offering.

  • upgrade—Upgrade a SiteLock Find or Fix SSL certificate to a higher level certificate. When you upgrade, the product_type changes, you are charged the price for a one year term at the new level, and the new expiry date is one year from the date of the upgrade.

Note: This feature is currently available only for SiteLock certificates.

server_count

Required when product_type = securesite*, ssl123, sgcsuper_certs, sslwebserver, sslwebserver_wildcard, sslwebserver_ev, comodo_premiumssl_wildcard, comodo_wildcard

The number of servers on which the SSL Service product will be installed.

server_type

Optional

The type of server software used to generate the CSR.

Allowed values are:

Symantec, thawte, and GeoTrust

  • apache2
  • apacheapaches sl
  • apacheopenssl
  • apacheraven
  • apachessl
  • apachessleay
  • c2net
  • cobaltseries
  • cobaltraq3
  • cobaltraq2
  • cpanel
  • domino
  • dominogo4626
  • dominogo4625
  • ensim
  • hsphere
  • iis
  • iis4
  • iis5
  • iplanet
  • ipswitch
  • netscape
  • ibmhttp
  • other
  • plesk
  • tomcat
  • weblogic
  • website
  • webstar
  • webstar4
  • zeusv3

Comodo

  • apachessl
  • citrix
  • domino
  • ensim
  • hsphere
  • iis4
  • iis6
  • iis7
  • iplanet
  • javawebser
  • netscape
  • ibmhttp
  • novell
  • oracle
  • other
  • plesk
  • redhat
  • sap
  • tomcat
  • webstar
  • whmcpanel

Note: Trustwave does not support server types.

special_instructions

Optional

Any special instructions regarding the SSL Service purchase.

End_user_auth_info

Parameters within the end_user_auth_info associative array are described
below.

Parameter name
Obligation
Definition/Value

email_address

Optional - used only for SiteLock and TRUSTe to send Domain Admin credentials

Specify the email address to which you want to send the login credentials (username and password) for Domain Admin.

Note: If you want to associate the SSL Service product with an existing account, only username is required.

password

Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The password must be at least eight characters.

username

Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The username must be at least six characters

Response parameters for update_order

Standard parameters

  • action = reply
  • object = trust_service
  • is_success = a Boolean is returned, indicating success or failure of the
    request
  • response_code = response code indicating outcome of the request
  • response_text = message describing the outcome of the request

Attributes

If the request is successful, the attributes associative array may include the following:

Parameter name
Obligation
Definition/Value

domain

Returned if
is_success = true

The domain with which the SSL Service order is associated.

order_id

Returned if
is_success = true

The ID number of the SSL Service order.

state

Returned if
is_success = true

The state of the order. Allowed values are:

  • approver-confirmed—Owner has confirmed the domain vetted certificate.

  • awaiting-approval—Order processed successfully; waiting for supplier approval.

  • cancelled—Pending order was cancelled.

  • completed—Order is complete.

  • declined—Order cancelled after it was processed or declined by the
    supplier.

  • in-progress—Order is in progress.

  • pending—Order saved as pending.

Examples for update_order

Example 1

This example changes the information associated with an order, but does not change it's processing state.

Request

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="server_type">apachessl</item>
                        <item key="special_instructions"></item>
                        <item key="approver_email">admin@example.com</item>
                        <item key="csr">-----BEGIN CERTIFICATE REQUEST-----
MIIC3DCCAcQCAQAwgZYxJTAjBgNVBAMTHHVwZGF0ZW9yZGVyLnFhcmVncmVzc2lv bi5vcmcxCzAJBgNVBAYTAkNBMQswCQYDVQQIEwJPTjEQMA4GA1UEBxMHVG9yb250 bzENMAsGA1UEChMEVGVzdDEQMA4GA1UECxMHUUEgRGVwdDEgMB4GCSqGSIb3DQEJ ARYRcWFmaXZlQHR1Y293cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDkMouJLDenKrVS9FdcmdY3BHrJ9iS5o8TbNSAKf2loYF1afa6tJyxO6bCj Mk6WegE+Yugb42ONAgz0zhJq5bNTuWb9FvBZLEuN/jUBR/iVdTlf//W/BPoE2CmK lbgskzFooQ7v3SSAoYl3TjwfN8iPWwni/yLDMJYJekxcZtsro7vugtl2HZDRhxLy B0WB0y8Kx3lh1c7xC9CbXfqjJf+j1sKiGEh+cy1H71VdcakleoG+Tll8qvtWreEf pZYczmeyn1pPZfbDzVw9AR9x1Yohrwaah1KNZoMIp0taVTkMe/NNEdMP2Rm7Y8ak Eof49VBrRfDGkW135EYYJCHxBvXJAgMBAAGgADANBgkqhkiG9w0BAQQFAAOCAQEA nQHOcqylM/b7NUqFuoWRG9R1GP6/gjixHqyyV4fe2c66HlBHcKR1Tm88cpT8mfu2 oE2Hw55DVUtkrBfNdVZqVXEK8yfiuF2EKuVk+34anCwwIQOg4o6Oy3xBU1oIKpqX 1x0Z7HZJ097DK6uwUqFsviEWyxrNCfJ3DYU5TfrZtnzIdOB6ztI3wBv1IYZyYzk/ zU65N4MDv64yUazmqjZKgxvl4THhWeFVPPy+4dk8k8dkuPkcqhdxeJVwntG7tQIw utv8IShy2ckHVC0URV1RHbr660ygD/fAE3hGjzPbdgwu1DLlC5ANlpSfgeJc3feK sqC2b/EfPHfdbtu6+eJgGw== -----END CERTIFICATE REQUEST-----</item>
                        <item key="server_count">2</item>
                        <item key="period">2</item>
                        <item key="order_id">2326</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">updateorder.example.com</item>
                        <item key="order_id">2326</item>
                        <item key="state">pending</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Example 2

This example creates login credentials for Domain Admin and changes the processing instruction for the order from save to process.

Request

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="handle">process</item>
                        <item key="order_id">7419</item>
                        <item key="product_type">sitelock_fix</item>
                        <item key="end_user_auth_info">
                            <dt_assoc>
                                <item key="email_address">qafive@example.com</item>
                                <item key="username">customer111</item>
                                <item key="password">changeit</item>
                            </dt_assoc>
                        </item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="is_success">1</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">example.ca</item>
                        <item key="order_id">7419</item>
                        <item key="state">awaiting-approval</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Example 3

This example updates the list of domains that are secured by the SSL Service product.

Request

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="additional_domains">
                            <dt_array>
                                <item key="0">upadditional1.example.org</item>
                                <item key="1">upadditional2.example.org</item>
                                <item key="2">upadditional3.example.org</item>
                                <item key="3">upadditional4.example.org</item>
                                <item key="4">upadditional5.example.org</item>
                            </dt_array>
                        </item>
                        <item key="handle">save</item>
                        <item key="order_id">186332</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">REPLY</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="response_code">200</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">example.org</item>
                        <item key="order_id">186332</item>
                        <item key="state">pending</item>
                    </dt_assoc>
                </item>
                <item key="is_success">1</item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Example 4

This example changes DV authorization details for all three methods (File, DNS and Email) for Comodo and Symantec SSL products.

Request

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="server_type">apachessl</item>
                        <item key="approver_email">administrator@20160122comodofileb.com</item>
                        <item key="server_count">2</item>
                        <item key="period">2</item>
                        <item key="order_id">16684</item>
                        <item key="dv_auth_method">file</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>
<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="server_type">apachessl</item>
                        <item key="approver_email">administrator@20160122comododnsb.com</item>
                        <item key="server_count">2</item>
                        <item key="period">2</item>
                        <item key="order_id">16685</item>
                        <item key="dv_auth_method">dns</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>
<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="action">update_order</item>
                <item key="object">trust_service</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="server_type">apachessl</item>
                        <item key="approver_email">administrator@20160122comodoemailb.com</item>
                        <item key="server_count">2</item>
                        <item key="period">2</item>
                        <item key="order_id">16686</item>
                        <item key="dv_auth_method">email</item>
                    </dt_assoc>
                </item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

Response

<?xml version='1.0' encoding="UTF-8" standalone="no"?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="action">UPDATE_ORDER:REPLY</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">20160122comodofileb.com</item>
                        <item key="dv_auth_method">file</item>
                        <item key="order_id">16684</item>
                        <item key="dv_auth_details">
                            <dt_assoc>
                                <item key="file_contents">1F8DB0E04120A58714B8FC4EAD01E6AE16199D1Dcomodoca.com</item>
                                <item key="file_name">B35A9AF0A25CDF8D12244FBEF67D0E91.txt</item>
                            </dt_assoc>
                        </item>
                        <item key="state">pending</item>
                    </dt_assoc>
                </item>
                <item key="response_code">200</item>
                <item key="is_success">1</item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>
<?xml version='1.0' encoding="UTF-8" standalone="no"?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="action">UPDATE_ORDER:REPLY</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">20160122comododnsb.com</item>
                        <item key="dv_auth_method">dns</item>
                        <item key="order_id">16685</item>
                        <item key="dv_auth_details">
                            <dt_assoc>
                                <item key="dns_entry">5AE9CDA1ECEF9D587CD513F8DE6000D5.20160122comododnsb.com CNAME AD09E6567790BE3D9AF8D11DC7AFBDEE7BFDB8DC.comodoca.com</item>
                            </dt_assoc>
                        </item>
                        <item key="state">pending</item>
                    </dt_assoc>
                </item>
                <item key="response_code">200</item>
                <item key="is_success">1</item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>
<?xml version='1.0' encoding="UTF-8" standalone="no"?>
<OPS_envelope>
    <header>
        <version>0.9</version>
    </header>
    <body>
        <data_block>
            <dt_assoc>
                <item key="protocol">XCP</item>
                <item key="object">TRUST_SERVICE</item>
                <item key="response_text">Command completed successfully.</item>
                <item key="action">UPDATE_ORDER:REPLY</item>
                <item key="attributes">
                    <dt_assoc>
                        <item key="domain">20160122comodoemailb.com</item>
                        <item key="order_id">16686</item>
                        <item key="state">pending</item>
                    </dt_assoc>
                </item>
                <item key="response_code">200</item>
                <item key="is_success">1</item>
            </dt_assoc>
        </data_block>
    </body>
</OPS_envelope>

update_order


Submits a SSL Service order update to the OpenSRS system. When updating existing SSL Service orders, the general rules are:

  • Include the parameters and values that you want to change.
  • To remove a remove a value, submit the parameter with an empty value
  • Omit any parameters that you do not want to change.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.