Certificates API

List certificates

GET /:account/domains/:domain/certificates

List the certificates for a domain in the account.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id

Example

List all certificates for the domain example.com in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates

Response

Responds with HTTP 200.

{
  "data": [
    {
      "id": 1,
      "domain_id": 10,
      "contact_id": 3,
      "name": "www",
      "common_name": "www.weppos.net",
      "years": 1,
      "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICljCCAX4CAQAwGTEXMBUGA1UEAwwOd3d3LndlcHBvcy5uZXQwggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3MJwx9ahBG3kAwRjQdRvYZqtovUaxY6jp\nhd09975gO+2eYPDbc1yhNftVJ4KBT0zdEqzX0CwIlxE1MsnZ2YOsC7IJO531hMBp\ndBxM4tSG07xPz70AVUi9rY6YCUoJHmxoFbclpHFbtXZocR393WyzUK8047uM2mlz\n03AZKcMdyfeuo2/9TcxpTSCkklGqwqS9wtTogckaDHJDoBunAkMioGfOSMe7Yi6E\nYRtG4yPJYsDaq2yPJWV8+i0PFR1Wi5RCnPt0YdQWstHuZrxABi45+XVkzKtz3TUc\nYxrvPBucVa6uzd953u8CixNFkiOefvb/dajsv1GIwH6/Cvc1ftz1AgMBAAGgODA2\nBgkqhkiG9w0BCQ4xKTAnMCUGA1UdEQQeMByCDnd3dy53ZXBwb3MubmV0ggp3ZXBw\nb3MubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQCDnVBO9RdJX0eFeZzlv5c8yG8duhKP\n0000000000000/cbNj9qFPkKTK0vTXmS2XUFBChKPtLucp8+Z754UswX+QCsdc7U\nTTSG0CkyilcSubdZUERGej1XfrVQhrokk7Fu0Jh3BdT6REP0SIDTpA8ku/aRQiAp\np+h19M37S7+w/DMGDAq2LSX8jOpJ1yIokRDyLZpmwyLxutC21DXMGoJ3xZeUFrUT\nqRNwzkn2dJzgTrPkzhaXalUBqv+nfXHqHaWljZa/O0NVCFrHCdTdd53/6EE2Yabv\nq5SFTkRCpaxrvM/7a8Tr4ixD1/VKD6rw3+WCvyS4GWK7knhiI1nZH3PI\n-----END CERTIFICATE REQUEST-----\n",
      "state": "issued",
      "auto_renew": false,
      "alternate_names": [

      ],
      "authority_identifier": "letsencrypt",
      "created_at": "2016-06-11T18:47:08Z",
      "updated_at": "2016-06-11T18:47:37Z",
      "expires_on": "2016-09-09"
    },
    {
      "id": 2,
      "domain_id": 10,
      "contact_id": 3,
      "name": "www",
      "common_name": "www.weppos.net",
      "years": 1,
      "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICljCCAX4CAQAwGTEXMBUGA1UEAwwOd3d3LndlcHBvcy5uZXQwggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEhv18Sz4nQtjCDseXREuFIZW88yK7M5gM\nw2WuVmxTfn3MGprPtIevPJ0gzR4foMpnOKjR/wW8DpbvvNPNo5FAsYf+mr84rMft\nUjOQWfqcraWWHmss/Ytq45uTie8M1/C4Pr+FFfbOwwWz/DqVao5RQ34q+LIPpV62\nwRkg0m14FqT8gjNNM0XAsrfT7M+kvfsS+FbyJ7G9K0tj3wgqaEuKAQtJn7MPflM8\nfG0TqLJ+NSuI/Zfmtol3XzBD/AoViu0F8Sqp5OR8Ej4ZdmbKR+om+U+MX9LwF8MD\nwCtMAIaGF4JkgrpiGrbAKIpXwkuxJ8wWrkwhxu18z/OhJEBW+wFjAgMBAAGgODA2\nBgkqhkiG9w0BCQ4xKTAnMCUGA1UdEQQeMByCDnd3dy53ZXBwb3MubmV0ggp3ZXBw\nb3MubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQBuDDwhTjU7pAGHU1dUthfznvFqjY2I\n7CNEaUSxlXdxyZs34cwx28F7iMDE8Gh7B3QkuS3c2CTtAQsxnWKebgLYJ8w8XLN1\n9mZtNhT8yXKzLDfC9KuzKw467sbxYf8bLsuyFdQ8sBNp+8es9OwVgYsPwZ4NBtOn\nQlwtBBBdxrF5zCQgQXZsFmymf/o4nLU66ouW1MVjoG608dthoBYiIIiPRx3c+Rjd\ni8JHn2qIKF7AJfJy/H8TLgtE1bt08tfDA9ztuX2zb/lvXrVu4aLBjOF+Fn3b+EqX\n6gR0m+Id0b3t3ORN1QU0SBiyrXXJbo6E+cpYKeWlnkf0000000000000\n-----END CERTIFICATE REQUEST-----\n",
      "state": "issued",
      "auto_renew": false,
      "alternate_names": [

      ],
      "authority_identifier": "letsencrypt",
      "created_at": "2016-05-25T15:56:06Z",
      "updated_at": "2016-05-25T17:10:39Z",
      "expires_on": null
    }
  ],
  "pagination": {
    "current_page": 1,
    "per_page": 30,
    "total_entries": 2,
    "total_pages": 1
  }
}

Sorting

For general information about sorting, please refer to the main guide.

Name Description
id Sort by ID
common_name Sort by common name
expires_on Sort by expiration date

The default sorting policy is by descending id.

Get a certificate

GET /:account/domains/:domain/certificates/:certificate

Get the details of a certificate.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id

Example

Get the certificate with the ID 1 in the domain example.com, in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/1

Response

Responds with HTTP 200, renders the certificate.

{
  "data": {
    "id": 1,
    "domain_id": 2,
    "contact_id": 3,
    "name": "www",
    "common_name": "www.weppos.net",
    "years": 1,
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICljCCAX4CAQAwGTEXMBUGA1UEAwwOd3d3LndlcHBvcy5uZXQwggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3MJwx9ahBG3kAwRjQdRvYZqtovUaxY6jp\nhd09975gO+2eYPDbc1yhNftVJ4KBT0zdEqzX0CwIlxE1MsnZ2YOsC7IJO531hMBp\ndBxM4tSG07xPz70AVUi9rY6YCUoJHmxoFbclpHFbtXZocR393WyzUK8047uM2mlz\n03AZKcMdyfeuo2/9TcxpTSCkklGqwqS9wtTogckaDHJDoBunAkMioGfOSMe7Yi6E\nYRtG4yPJYsDaq2yPJWV8+i0PFR1Wi5RCnPt0YdQWstHuZrxABi45+XVkzKtz3TUc\nYxrvPBucVa6uzd953u8CixNFkiOefvb/dajsv1GIwH6/Cvc1ftz1AgMBAAGgODA2\nBgkqhkiG9w0BCQ4xKTAnMCUGA1UdEQQeMByCDnd3dy53ZXBwb3MubmV0ggp3ZXBw\nb3MubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQCDnVBO9RdJX0eFeZzlv5c8yG8duhKP\nl0Vl+V88fJylb/cbNj9qFPkKTK0vTXmS2XUFBChKPtLucp8+Z754UswX+QCsdc7U\nTTSG0CkyilcSubdZUERGej1XfrVQhrokk7Fu0Jh3BdT6REP0SIDTpA8ku/aRQiAp\np+h19M37S7+w/DMGDAq2LSX8jOpJ1yIokRDyLZpmwyLxutC21DXMGoJ3xZeUFrUT\nqRNwzkn2dJzgTrPkzhaXalUBqv+nfXHqHaWljZa/O0NVCFrHCdTdd53/6EE2Yabv\nq5SFTkRCpaxrvM/7a8Tr4ixD1/VKD6rw3+WC00000000000000000000\n-----END CERTIFICATE REQUEST-----\n",
    "state": "issued",
    "auto_renew": false,
    "alternate_names": [
      "weppos.net",
      "www.weppos.net"
    ],
    "authority_identifier": "letsencrypt",
    "created_at": "2016-06-11T18:47:08Z",
    "updated_at": "2016-06-11T18:47:37Z",
    "expires_on": "2016-09-09"
  }
}

Download a certificate

GET /:account/domains/:domain/certificates/:certificate/download

Get the PEM-encoded certificate, along with the root certificate and intermediate chain.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id

Example

Download the certificate with the ID 1 in the domain example.com, in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/1/download

Response

Responds with HTTP 200, renders the certificates.

{
  "data": {
    "server": "-----BEGIN CERTIFICATE-----\nMIIE7TCCA9WgAwIBAgITAPpTe4O3vjuQ9L4gLsogi/ukujANBgkqhkiG9w0BAQsF\nADAiMSAwHgYDVQQDDBdGYWtlIExFIEludGVybWVkaWF0ZSBYMTAeFw0xNjA2MTEx\nNzQ4MDBaFw0xNjA5MDkxNzQ4MDBaMBkxFzAVBgNVBAMTDnd3dy53ZXBwb3MubmV0\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzCcMfWoQRt5AMEY0HUb\n2GaraL1GsWOo6YXdPfe+YDvtnmDw23NcoTX7VSeCgU9M3RKs19AsCJcRNTLJ2dmD\nrAuyCTud9YTAaXQcTOLUhtO8T8+9AFVIva2OmAlKCR5saBW3JaRxW7V2aHEd/d1s\ns1CvNOO7jNppc9NwGSnDHcn3rqNv/U3MaU0gpJJRqsKkvcLU6IHJGgxyQ6AbpwJD\nIqBnzkjHu2IuhGEbRuMjyWLA2qtsjyVlfPotDxUdVouUQpz7dGHUFrLR7ma8QAYu\nOfl1ZMyrc901HGMa7zwbnFWurs3fed7vAosTRZIjnn72/3Wo7L9RiMB+vwr3NX7c\n9QIDAQABo4ICIzCCAh8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF\nBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRh9q/3Zxbk4yA/\nt7j+8xA+rkiZBTAfBgNVHSMEGDAWgBTAzANGuVggzFxycPPhLssgpvVoOjB4Bggr\nBgEFBQcBAQRsMGowMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnN0Zy1pbnQteDEu\nbGV0c2VuY3J5cHQub3JnLzAzBggrBgEFBQcwAoYnaHR0cDovL2NlcnQuc3RnLWlu\ndC14MS5sZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCCndlcHBvcy5uZXSCDnd3\ndy53ZXBwb3MubmV0MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLf\nEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw\ngasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSBy\nZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3Jk\nYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6\nLy9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEB\nAEqMdWrmdIyQxthWsX3iHmM2h/wXwEesD0VIaA+Pq4mjwmKBkoPSmHGQ/O4v8RaK\nB6gl8v+qmvCwwqC1SkBmm+9C2yt/P6WhAiA/DD+WppYgJWfcz2lEKrgufFlHPukB\nDzE0mJDuXm09QTApWlaTZWYfWKY50T5uOT/rs+OwGFFCO/8o7v5AZRAHos6uzjvq\nAtFZj/FEnXXMjSSlQ7YKTXToVpnAYH4e3/UMsi6/O4orkVz82ZfhKwMWHV8dXlRw\ntQaemFWTjGPgSLXJAtQO30DgNJBHX/fJEaHv6Wy8TF3J0wOGpzGbOwaTX8YAmEzC\nlzzjs+clg5MN5rd1g4POJtU=\n-----END CERTIFICATE-----\n",
    "root": null,
    "chain": [
      "-----BEGIN CERTIFICATE-----\nMIIEqzCCApOgAwIBAgIRAIvhKg5ZRO08VGQx8JdhT+UwDQYJKoZIhvcNAQELBQAw\nGjEYMBYGA1UEAwwPRmFrZSBMRSBSb290IFgxMB4XDTE2MDUyMzIyMDc1OVoXDTM2\nMDUyMzIyMDc1OVowIjEgMB4GA1UEAwwXRmFrZSBMRSBJbnRlcm1lZGlhdGUgWDEw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWKySDn7rWZc5ggjz3ZB0\n8jO4xti3uzINfD5sQ7Lj7hzetUT+wQob+iXSZkhnvx+IvdbXF5/yt8aWPpUKnPym\noLxsYiI5gQBLxNDzIec0OIaflWqAr29m7J8+NNtApEN8nZFnf3bhehZW7AxmS1m0\nZnSsdHw0Fw+bgixPg2MQ9k9oefFeqa+7Kqdlz5bbrUYV2volxhDFtnI4Mh8BiWCN\nxDH1Hizq+GKCcHsinDZWurCqder/afJBnQs+SBSL6MVApHt+d35zjBD92fO2Je56\ndhMfzCgOKXeJ340WhW3TjD1zqLZXeaCyUNRnfOmWZV8nEhtHOFbUCU7r/KkjMZO9\nAgMBAAGjgeMwgeAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw\nHQYDVR0OBBYEFMDMA0a5WCDMXHJw8+EuyyCm9Wg6MHoGCCsGAQUFBwEBBG4wbDA0\nBggrBgEFBQcwAYYoaHR0cDovL29jc3Auc3RnLXJvb3QteDEubGV0c2VuY3J5cHQu\nb3JnLzA0BggrBgEFBQcwAoYoaHR0cDovL2NlcnQuc3RnLXJvb3QteDEubGV0c2Vu\nY3J5cHQub3JnLzAfBgNVHSMEGDAWgBTBJnSkikSg5vogKNhcI5pFiBh54DANBgkq\nhkiG9w0BAQsFAAOCAgEABYSu4Il+fI0MYU42OTmEj+1HqQ5DvyAeyCA6sGuZdwjF\nUGeVOv3NnLyfofuUOjEbY5irFCDtnv+0ckukUZN9lz4Q2YjWGUpW4TTu3ieTsaC9\nAFvCSgNHJyWSVtWvB5XDxsqawl1KzHzzwr132bF2rtGtazSqVqK9E07sGHMCf+zp\nDQVDVVGtqZPHwX3KqUtefE621b8RI6VCl4oD30Olf8pjuzG4JKBFRFclzLRjo/h7\nIkkfjZ8wDa7faOjVXx6n+eUQ29cIMCzr8/rNWHS9pYGGQKJiY2xmVC9h12H99Xyf\nzWE9vb5zKP3MVG6neX1hSdo7PEAb9fqRhHkqVsqUvJlIRmvXvVKTwNCP3eCjRCCI\nPTAvjV+4ni786iXwwFYNz8l3PmPLCyQXWGohnJ8iBm+5nk7O2ynaPVW0U2W+pt2w\nSVuvdDM5zGv2f9ltNWUiYZHJ1mmO97jSY/6YfdOUH66iRtQtDkHBRdkNBsMbD+Em\n2TgBldtHNSJBfB3pm9FblgOcJ0FSWcUDWJ7vO0+NTXlgrRofRT6pVywzxVo6dND0\nWzYlTWeUVsO40xJqhgUQRER9YLOLxJ0O6C8i0xFxAMKOtSdodMB3RIwt7RFQ0uyt\nn5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=\n-----END CERTIFICATE-----"
    ]
  }
}

Get a certificate private key

GET /:account/domains/:domain/certificates/:certificate/private_key

Get the PEM-encoded certificate private key.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id

Example

Download the certificate with the ID 1 in the domain example.com, in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/1/private_key

Response

Responds with HTTP 200, renders the certificate private key.

{
  "data": {
    "private_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAtzCcMfWoQRt5AMEY0HUb2GaraL1GsWOo6YXdPfe+YDvtnmDw\n23NcoTX7VSeCgU9M3RKs19AsCJcRNTLJ2dmDrAuyCTud9YTAaXQcTOLUhtO8T8+9\nAFVIva2OmAlKCR5saBW3JaRxW7V2aHEd/d1ss1CvNOO7jNppc9NwGSnDHcn3rqNv\n/U3MaU0gpJJRqsKkvcLU6IHJGgxyQ6AbpwJDIqBnzkjHu2IuhGEbRuMjyWLA2qts\njyVlfPotDxUdVouUQpz7dGHUFrLR7ma8QAYuOfl1ZMyrc901HGMa7zwbnFWurs3f\ned7vAosTRZIjnn72/3Wo7L9RiMB+vwr3NX7c9QIDAQABAoIBAEQx32OlzK34GTKT\nr7Yicmw7xEGofIGa1Q2h3Lut13whsxKLif5X0rrcyqRnoeibacS+qXXrJolIG4rP\nTl8/3wmUDQHs5J+6fJqFM+fXZUCP4AFiFzzhgsPBsVyd0KbWYYrZ0qU7s0ttoRe+\nTGjuHgIe3ip1QKNtx2Xr50YmytDydknmro79J5Gfrub1l2iA8SDm1eBrQ4SFaNQ2\nU709pHeSwX8pTihUX2Zy0ifpr0O1wYQjGLneMoG4rrNQJG/z6iUdhYczwwt1kDRQ\n4WkM2sovFOyxbBfoCQ3Gy/eem7OXfjNKUe47DAVLnPkKbqL/3Lo9FD7kcB8K87Ap\nr/vYrl0CgYEA413RAk7571w5dM+VftrdbFZ+Yi1OPhUshlPSehavro8kMGDEG5Ts\n74wEz2X3cfMxauMpMrBk/XnUCZ20AnWQClK73RB5fzPw5XNv473Tt/AFmt7eLOzl\nOcYrhpEHegtsD/ZaljlGtPqsjQAL9Ijhao03m1cGB1+uxI7FgacdckcCgYEAzkKP\n6xu9+WqOol73cnlYPS3sSZssyUF+eqWSzq2YJGRmfr1fbdtHqAS1ZbyC5fZVNZYV\nml1vfXi2LDcU0qS04JazurVyQr2rJZMTlCWVET1vhik7Y87wgCkLwKpbwamPDmlI\n9GY+fLNEa4yfAOOpvpTJpenUScxyKWH2cdYFOOMCgYBhrJnvffINC/d64Pp+BpP8\nyKN+lav5K6t3AWd4H2rVeJS5W7ijiLTIq8QdPNayUyE1o+S8695WrhGTF/aO3+ZD\nKQufikZHiQ7B43d7xL7BVBF0WK3lateGnEVyh7dIjMOdj92Wj4B6mv2pjQ2VvX/p\nAEWVLCtg24/+zL64VgxmXQKBgGosyXj1Zu2ldJcQ28AJxup3YVLilkNje4AXC2No\n6RCSvlAvm5gpcNGE2vvr9lX6YBKdl7FGt8WXBe/sysNEFfgmm45ZKOBCUn+dHk78\nqaeeQHKHdxMBy7utZWdgSqt+ZS299NgaacA3Z9kVIiSLDS4V2VeW7riujXXP/9TJ\nnxaRAoGBAMWXOfNVzfTyrKff6gvDWH+hqNICLyzvkEn2utNY9Q6WwqGuY9fvP/4Z\nXzc48AOBzUr8OeA4sHKJ79sJirOiWHNfD1swtvyVzsFZb6moiNwD3Ce/FzYCa3lQ\nU8blTH/uqpR2pSC6whzJ/lnSdqHUqhyp00000000000000000000\n-----END RSA PRIVATE KEY-----\n"
  }
}

Let’s Encrypt: Purchase a certificate

This endpoint is currently in Public Preview. During the Preview period changes may occurr at any time.

Consider using our official clients to reduce the likelyhood of breaking changes. If you are using or planning to use this endpoint we'd like to hear your feedback.

POST /:account/domains/:domain/certificates/letsencrypt

Purchase a Let’s Encrypt certificate with DNSimple.

The certificate is free of charge, but some features of the certificate may require higher tier plans.

The domain must be delegated to DNSimple.

Certificate name

The default certificate name is www and covers both the root domain (e.g. example.com) and the www subdomain (e.g. www.example.com).

You can choose a custom name (like api), which is valid only for https://api.example.com. Custom names require a subscription to a Professional or Business plan.

Alternate names

A certificate can be purchased for multiple subdomains. We call them alternate names or Subject Alternative Name (SAN).

By default a certificate does not have alternate names.

You can purchase a single certificate for both https://docs.example.com and https://status.example.com, alongside https://example.com.

Alternate names require a subscription to a Professional or Business plan.

Auto renewal

By default a certificate is not auto-renewed when it expires.

Certificates with auto-renewal disabled may be renewed manually.

You may also purchase the certificate once and select the auto-renewal option. With auto-renewal enabled, our system automatically renews a certificate before it expires. Notification for renewed certificates are sent via email and a webhook is fired when a new certificate is available. You will still have to install the renewed certificate.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id

Example

Purchase a Let’s Encrypt certificate for example.com in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      -H 'Content-Type: application/json' \
      -X POST \
      -d '<json>' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/letsencrypt

Input

Name Type Description
contact_id integer Required. The ID of an existing contact in your account.
auto_renew bool Set to true to enable the auto-renewal of the certificate. Default: false.
name string The certificate name. Default: "www".
alternate_names array<string> The certificate alternate names. Default: []. Example: ["docs.example.com", "status.example.com"]

The contact_id can be fetched via the contacts endpoint.

Response

{
  "data": {
    "id": 300,
    "certificate_id": 300,
    "state": "requesting",
    "auto_renew": false,
    "created_at": "2017-10-19T08:18:53Z",
    "updated_at": "2017-10-19T08:22:17Z",
    "expires_on": null
  }
}

Let’s Encrypt: Issue a certificate

This endpoint is currently in Public Preview. During the Preview period changes may occurr at any time.

Consider using our official clients to reduce the likelyhood of breaking changes. If you are using or planning to use this endpoint we'd like to hear your feedback.

POST /:account/domains/:domain/certificates/letsencrypt/:certificate/issue

Issue a Let’s Encrypt certificate purchased with DNSimple.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id

Example

Issue a Let’s Encrypt certificate with ID 200, for example.com in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      -X POST \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/letsencrypt/200/issue

Response

{
  "data": {
    "id": 200,
    "domain_id": 300,
    "contact_id": 100,
    "name": "www",
    "common_name": "www.example.com",
    "years": 1,
    "csr": null,
    "state": "requesting",
    "auto_renew": false,
    "alternate_names": [

    ],
    "authority_identifier": "letsencrypt",
    "created_at": "2017-10-18T15:40:32Z",
    "updated_at": "2017-10-18T15:42:18Z",
    "expires_on": null
  }
}

The certificate will be in state requesting, and it can’t be downloaded until issued by Let’s Encrypt. You can subscribe to a webhook to receive a notification when the certificate is issued.

Let’s Encrypt: Renew a certificate

This endpoint is currently in Public Preview. During the Preview period changes may occurr at any time.

Consider using our official clients to reduce the likelyhood of breaking changes. If you are using or planning to use this endpoint we'd like to hear your feedback.

POST /:account/domains/:domain/certificates/letsencrypt/:certificate/renewals

Renew a Let’s Encrypt certificate purchased with DNSimple.

You must renew a certificate only if it does NOT use the auto renewal feature.

You can always enable or disable auto renewal when renewing a certificate.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id

Example

Renew a Let’s Encrypt certificate with ID 200 for example.com in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      -H 'Content-Type: application/json' \
      -X POST \
      -d '<json>' \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/letsencrypt/200/renewals

Input

Name Type Description
auto_renew bool Set to true to enable the auto-renewal of the certificate. Default: false.

Response

{
  "data": {
    "id": 999,
    "old_certificate_id": 200,
    "new_certificate_id": 300,
    "state": "new",
    "auto_renew": false,
    "created_at": "2017-10-19T08:18:53Z",
    "updated_at": "2017-10-19T08:18:53Z"
  }
}

Let’s Encrypt: Issue a certificate renewal

This endpoint is currently in Public Preview. During the Preview period changes may occurr at any time.

Consider using our official clients to reduce the likelyhood of breaking changes. If you are using or planning to use this endpoint we'd like to hear your feedback.

POST /:account/domains/:domain/certificates/letsencrypt/:certificate/renewals/:certificate_renewal/issue

Issue a Let’s Encrypt certificate renewed with DNSimple.

Parameters

Name Type Description
:account integer The account id
:domain string, integer The domain name or id
:certificate integer The certificate id
:certificate_renewal integer The certificate renewal id

The :certificate_renewal ID is the one returned by the renewal.

Example

Issue a Let’s Encrypt certificate renewal with ID 999, for the certificate 200, for example.com in the account 1010:

curl  -H 'Authorization: Bearer <token>' \
      -H 'Accept: application/json' \
      -X POST \
      https://api.dnsimple.com/v2/1010/domains/example.com/certificates/letsencrypt/200/renewals/999/issue

Response

{
  "data": {
    "id": 300,
    "domain_id": 300,
    "contact_id": 100,
    "name": "www",
    "common_name": "www.example.com",
    "years": 1,
    "csr": null,
    "state": "requesting",
    "auto_renew": false,
    "alternate_names": [

    ],
    "authority_identifier": "letsencrypt",
    "created_at": "2017-10-19T08:18:53Z",
    "updated_at": "2017-10-19T08:22:17Z",
    "expires_on": null
  }
}

The certificate will be in state requesting, and it can’t be downloaded until issued by Let’s Encrypt. You can subscribe to a webhook to receive a notification once the certificate is issued.