Certificate API
https://api.gandi.net/v5/certificate/
DCV parameters ¶
https://api.gandi.net/v5/certificate/dcv_params
post Retrieve DCV parameters ¶
Get parameters for DCV (Domain Control Validation). DCV is a security check that validates/grants access to the registred domain name.
Despite being a post method, this route does not perform any change on your existing certificates.
If you want to perform a DCV through DNS, pass the parameter dvc_method
with dns
.
Request
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Optional
- altnames ⁠array[ string ]Alt Name list, when the certificate package permits it
- csr ⁠stringCertificate Signing Request
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - package ⁠stringCertificate package name as returned in the package list route.
- altnames ⁠array[ string ]
Responses
200
Body
application/json
⁠objectWith the following properties:
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - fqdns ⁠array[ string ]
- md5 ⁠string
- sha256 ⁠string
Optional
- messages ⁠array[ string ]
- raw_messages ⁠array[ array[ string ] ]
- unique_value ⁠string
- dcv_method ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Certificate Create and List ¶
https://api.gandi.net/v5/certificate/issued-certs
get List certificates ¶
Request
Query String
Optional
- cn ⁠stringFilters the list by CN name, with optional patterns.Example:
example.net
Example:example*
Example:*example.com
- covered_cn ⁠stringFilters the list by certificates valid for a given CN.
- package ⁠stringName of the certificate package.
- page ⁠integer
Default: 1
Minimum: 1
Which result page to retrieve. If the number is greater than the last page, an empty list is returned. - per_page ⁠integer
Minimum: 1
How many items to display per page. - sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sort_by ⁠string
- status ⁠string
One of: "pending", "valid", "revoked", "replaced", "replaced_rev", "expired"
- cn ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
200
Headers
- Total-Count ⁠integerTotal number of items.
Optional
- Filtered-Count ⁠integerOn a filtered list, this is the number of matching items.
- Link ⁠stringLinks to next and last page.
- Total-Count ⁠integer
Body
application/json
⁠arrayOf items of type:
- object
With the following properties:
- altnames ⁠array[ string ]Alt Name list, when the certificate package permits it
- altnames_unicode ⁠array[ string ]Alt Name list, when the certificate package permits it
- cn ⁠string
Maximum length: 64
Common Name - cn_unicode ⁠string
Maximum length: 64
Common Name - contact ⁠object
With the following properties:
Optional
- city ⁠string
- country ⁠string
- email ⁠string
- family ⁠string
- given ⁠string
- orgname ⁠string
- state ⁠string
- streetaddr ⁠string
- zip ⁠string
- dates ⁠object
With the following properties:
Optional
- created_at ⁠datetime
- ends_at ⁠datetime
- started_at ⁠datetime
- subscription_ends_at ⁠datetime
- updated_at ⁠datetime
- id ⁠stringUUID
- package ⁠object
With the following properties:
- href ⁠string
- max_domains ⁠integer
- name ⁠string
- name_label ⁠string
- type ⁠string
- type_label ⁠string
- wildcard ⁠boolean
- software ⁠integer
- status ⁠string
One of: "pending", "valid", "revoked", "replaced", "replaced_rev", "expired"
Optional
- assumed_name ⁠string
- business_category ⁠string
- card_pay_trustlogo ⁠boolean
- cert ⁠string
- csr ⁠string
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - error_msg ⁠string
- href ⁠string
- ida ⁠object
With the following properties:
Optional
- email ⁠string
- fax ⁠string
- tel ⁠string
- intermediate ⁠string
- joi ⁠object
With the following properties:
Optional
- country ⁠string
- locality ⁠string
- state ⁠string
- middleman ⁠object
With the following properties:
Optional
- city ⁠string
- country ⁠string
- email ⁠string
- family ⁠string
- given ⁠string
- orgname ⁠string
- state ⁠string
- streetaddr ⁠string
- zip ⁠string
- owner ⁠string
- reissuable ⁠boolean
- renewable ⁠boolean
- sha_version ⁠integer
- sharing_id ⁠string
- state ⁠string
- state_detail ⁠string
- stored ⁠boolean
- trustlogo ⁠boolean
- trustlogo_token ⁠object
- altnames ⁠array[ string ]
- object
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
post Create a new certificate ¶
This route creates a new certificate.
The parameters can receive either a CSR or a CN.
Important: All certificates are valid for one year regardless of the duration
value. For longer durations, you must update the certificate using PATCH /issued-certs/{id}.
Request
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
Optional
- Dry-Run ⁠integerIf this header's value is
1
the request's parameters will only be checked; the operation will not actually be performed.
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Required
- package ⁠stringCertificate package name as returned in the package list route.
Optional
- altnames ⁠array[ string ]Alt Name list, when the certificate package permits it
- cn ⁠string
Maximum length: 64
Common Name - csr ⁠stringCertificate Signing Request
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - duration ⁠integer
Default: 1
Minimum: 1
- package ⁠string
Responses
200
Dry-Run: 1
header.Headers
Optional
- Warning ⁠stringWarning message
- Warning ⁠string
Body
application/json
⁠objectWith the following properties:
- status ⁠string
One of: "success", "error"
Response status.
Optional
- errors ⁠arrayA list of all the errors encountered during validation.
Of items of type:
- object
With the following properties:
- description ⁠stringError message.
- location ⁠string
One of: "header", "path", "querystring", "body"
The field's location in the HTTP response. - name ⁠stringThe xpath of the field.
- description ⁠string
- object
- status ⁠string
202
Headers
Optional
- Location ⁠string
Body
application/json
⁠objectWith the following properties:
- href ⁠string
- id ⁠stringCertificate ID
- message ⁠stringConfirmation message.
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Certificate information ¶
https://api.gandi.net/v5/certificate/issued-certs/{id}
get Certificate details ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
200
Body
application/json
⁠objectWith the following properties:
- altnames ⁠array[ string ]Alt Name list, when the certificate package permits it
- altnames_unicode ⁠array[ string ]Alt Name list, when the certificate package permits it
- cn ⁠string
Maximum length: 64
Common Name - cn_unicode ⁠string
Maximum length: 64
Common Name - contact ⁠object
With the following properties:
Optional
- city ⁠string
- country ⁠string
- email ⁠string
- family ⁠string
- given ⁠string
- orgname ⁠string
- state ⁠string
- streetaddr ⁠string
- zip ⁠string
- dates ⁠object
With the following properties:
Optional
- created_at ⁠datetime
- ends_at ⁠datetime
- started_at ⁠datetime
- subscription_ends_at ⁠datetime
- updated_at ⁠datetime
- id ⁠stringUUID
- package ⁠object
With the following properties:
- href ⁠string
- max_domains ⁠integer
- name ⁠string
- name_label ⁠string
- type ⁠string
- type_label ⁠string
- wildcard ⁠boolean
- software ⁠integer
- status ⁠string
One of: "pending", "valid", "revoked", "replaced", "replaced_rev", "expired"
Optional
- assumed_name ⁠string
- business_category ⁠string
- card_pay_trustlogo ⁠boolean
- cert ⁠string
- csr ⁠string
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - error_msg ⁠string
- href ⁠string
- ida ⁠object
With the following properties:
Optional
- email ⁠string
- fax ⁠string
- tel ⁠string
- intermediate ⁠string
- joi ⁠object
With the following properties:
Optional
- country ⁠string
- locality ⁠string
- state ⁠string
- middleman ⁠object
With the following properties:
Optional
- city ⁠string
- country ⁠string
- email ⁠string
- family ⁠string
- given ⁠string
- orgname ⁠string
- state ⁠string
- streetaddr ⁠string
- zip ⁠string
- owner ⁠string
- reissuable ⁠boolean
- renewable ⁠boolean
- sha_version ⁠integer
- sharing_id ⁠string
- state ⁠string
- state_detail ⁠string
- stored ⁠boolean
- trustlogo ⁠boolean
- trustlogo_token ⁠object
- altnames ⁠array[ string ]
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
post Renew a certificate ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
Optional
- Dry-Run ⁠integerIf this header's value is
1
the request's parameters will only be checked; the operation will not actually be performed.
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Optional
- csr ⁠string
- dcv_method ⁠string
- duration ⁠integer
Responses
200
Dry-Run: 1
header.Headers
Optional
- Warning ⁠stringWarning message
- Warning ⁠string
Body
application/json
⁠objectWith the following properties:
- status ⁠string
One of: "success", "error"
Response status.
Optional
- errors ⁠arrayA list of all the errors encountered during validation.
Of items of type:
- object
With the following properties:
- description ⁠stringError message.
- location ⁠string
One of: "header", "path", "querystring", "body"
The field's location in the HTTP response. - name ⁠stringThe xpath of the field.
- description ⁠string
- object
- status ⁠string
202
Headers
Optional
- Location ⁠string
Body
application/json
⁠objectWith the following properties:
- message ⁠stringConfirmation message.
- message ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
patch Update a certificate ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
Optional
- Dry-Run ⁠integerIf this header's value is
1
the request's parameters will only be checked; the operation will not actually be performed.
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Optional
- altnames ⁠array[ string ]
- csr ⁠string
- dcv_method ⁠string
Responses
200
Dry-Run: 1
header.Headers
Optional
- Warning ⁠stringWarning message
- Warning ⁠string
Body
application/json
⁠objectWith the following properties:
- status ⁠string
One of: "success", "error"
Response status.
Optional
- errors ⁠arrayA list of all the errors encountered during validation.
Of items of type:
- object
With the following properties:
- description ⁠stringError message.
- location ⁠string
One of: "header", "path", "querystring", "body"
The field's location in the HTTP response. - name ⁠stringThe xpath of the field.
- description ⁠string
- object
- status ⁠string
202
Headers
Optional
- Location ⁠string
Body
application/json
⁠objectWith the following properties:
- message ⁠stringConfirmation message.
- message ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
delete Revoke a certificate ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
204
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Retrieve certificate ¶
https://api.gandi.net/v5/certificate/issued-certs/{id}/crt
get Retrieve certificate ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
200
Body
text/plain
⁠stringthe certificate
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Certificate validation ¶
https://api.gandi.net/v5/certificate/issued-certs/{id}/dcv
put Resend the DCV ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
202
Headers
Optional
- Location ⁠string
Body
application/json
⁠objectWith the following properties:
- message ⁠stringConfirmation message.
- message ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
patch Update the DCV method ¶
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Query String
Optional
- sharing_id ⁠stringSharing ID. Organization ID used as a filter or as a billing identifier. See the reference.
- sharing_id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Required
- method ⁠string
One of: "email", "dns", "file", "http", "https"
- method ⁠string
Responses
201
Headers
Optional
- Location ⁠string
Body
application/json
⁠objectWith the following properties:
- message ⁠stringConfirmation message.
- message ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
DCV parameters ¶
https://api.gandi.net/v5/certificate/issued-certs/{id}/dcv_params
post Retrieve DCV parameters ¶
Get parameters for DCV (Domain Control Validation). DCV is a security check that validates/grants access to the registred domain name.
Despite being a post method, this route does not perform any change on your existing certificates.
If you want to perform a DCV through DNS, pass the parameter dvc_method
with dns
.
Request
URI Parameters
- id ⁠stringCertificate ID
- id ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Body
application/json
⁠objectWith the following properties:
Optional
- csr ⁠stringCertificate Signing Request
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - package ⁠stringCertificate package name as returned in the package list route.
- csr ⁠string
Responses
200
Body
application/json
⁠objectWith the following properties:
- dcv_method ⁠string
One of: "email", "dns", "file", "http", "https"
The certificate validation method - fqdns ⁠array[ string ]
- md5 ⁠string
- sha256 ⁠string
Optional
- messages ⁠array[ string ]
- raw_messages ⁠array[ array[ string ] ]
- unique_value ⁠string
- dcv_method ⁠string
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Certificate Packages ¶
https://api.gandi.net/v5/certificate/packages
get Package list ¶
Request
Query String
Optional
- category ⁠string
- max_domains ⁠integer
- min_domains ⁠integer
- page ⁠integer
Default: 1
Minimum: 1
Which result page to retrieve. If the number is greater than the last page, an empty list is returned. - per_page ⁠integer
Minimum: 1
How many items to display per page. - trustlogo ⁠boolean
- warranty ⁠integer
- wildcard ⁠boolean
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
200
Headers
- Total-Count ⁠integerTotal number of items.
Optional
- Link ⁠stringLinks to next and last page.
- Total-Count ⁠integer
Body
application/json
⁠arrayOf items of type:
- object
With the following properties:
- category ⁠object
With the following properties:
- name ⁠string
- href ⁠string
- max_domains ⁠integer
- min_domains ⁠integer
- name ⁠string
- sgc ⁠boolean
- trustlogo ⁠boolean
- warranty ⁠integer
- wildcard ⁠boolean
- category ⁠object
- object
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Package information ¶
https://api.gandi.net/v5/certificate/packages/{name}
get Package information ¶
Request
URI Parameters
- name ⁠stringPackage name
- name ⁠string
Responses
200
Body
application/json
⁠objectWith the following properties:
- category ⁠object
With the following properties:
- name ⁠string
- href ⁠string
- max_domains ⁠integer
- min_domains ⁠integer
- name ⁠string
- sgc ⁠boolean
- trustlogo ⁠boolean
- warranty ⁠integer
- wildcard ⁠boolean
- category ⁠object
Intermediate certificate ¶
https://api.gandi.net/v5/certificate/pem/{type}
get Intermediate certificate ¶
Request
URI Parameters
- type ⁠string
One of: "cert_std", "cert_free", "cert_bus", "cert_pro"
Certificate type
- type ⁠string
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string
Responses
200
Body
text/plain
⁠stringPlain text intermediate certificate.
403
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
401
Body
application/json
⁠objectWith the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string
Secured by
Authentication with API Key
Headers
Required
- Authorization ⁠stringThe
Authorization
header must start withApikey
, followed by the user's API Key.Example:Apikey your-api-key
- Authorization ⁠string