Table of Contents

Overview
Create DNS API Key
General Guides to Use API
Server Reply
Examples:
Query Domain SSL
Simple Query
Query + Display the Certs
Renew Domain SSL
Download Domain SSL

SSL API - DNSExit.com

The SSL API give you the tools to manage and renew your Let's Encrypt SSL remotely. You compile your request at JSON file and post it to our API address. The API is still under development. If you have any suggestions or bugs, please feel free to contact our support. If you need any feature, feel free to let us know and we would be glad to satisfy your request as much as possible.

DNS API Key

You will need to create an API KEY for your account before you can use SSL API to manage your SSL remotely.

To create an API key, login to your account, click on “Settings” on the left menu and click “DNS API Key” to bring up the API Key creation page. After the API Key has been created, you will need to use the key for every remote request for your SSL.

General Guides to Use API

To use the API, you create your update at JSON file and post the update to our API site: 
			
>> curl -H "Content-Type: application/json" --data @/path/jason-file https://api.dnsexit.com/dns/lse.jsp
Alternatively, you can skip definition of apikey and domain at JSon file and specify them at the URL parameter as: 
>> curl -H "Content-Type: application/json" --data @/tmp/update.json  \
			 https://api.dnsexit.com/dns/lse.jsp?apikey=Your-API-KEY&domain=example.com
Or you can define them at the Headers as: 
	
>> curl -H "Content-Type: application/json" -H "apikey: Your-API-KEY" -H "domain: example.com" \
		 --data @/tmp/update.json https://api.dnsexit.com/dns/lse.jsp

Bear in mind the parameter passed at Headers has the highest priority, followed by HTTP URL parameters, last by definition at JSON file. For examplie, if you define the domain at Header as 

 -H "domain: example.com"
, it will overwrite the domain definition at HTTP URL and JSON file.

Server Reply

Successful reply of the update to the service should return JSON reply file like
Note: A successful update will always return code: 0; Other codes value indicate there are problems.
Here are the list of possible server reply codes:
    Reply Code Reply Message Note
    0 Success Actions got executed successfully
    1 Failed Indicates action failed. You should check the message for the reason
    2 API Key Authentication Error The API Key is missing or wrong
    3 Missing Required Definitions Your JSON file may missing some required definitions.
    4 JSON Data Syntax Error Your JSON file has syntax error.
    5 JSON Defined Record Type not Supported Your JSON may try to update some record type not supported by our system
    6 System Error Our system problem. May not be your problem. Contact our support if you got such error.
    7 Error getting post data Our server has problem to receive your JSON posting

Examples - SSL Actions

Query Domain SSL

1. Simple Query for the SSL of a Domain

 Example JSON File to query the status of a SSL. 
{
   "apikey": "your-api-key",
   "domain":"example.com",
   "action": "query",
   "verbose": "false"
}

You may get back the following JSON reply:

{
   "code":"0",
   "message":"Success",
   "SSL":{
      "expiration date":"2021-05-28",
      "domain":"example.com",
      "type":"regular",
      "issue date":"2021-02-27",
      "status":"OK"
   }
}

2. Query and Display the SSL Certs for a Domain

 Example JSON File to query the status of a SSL and display the Certificates. 
{
   "apikey": "your-api-key",
   "domain":"example.com",
   "action": "query",
   "verbose": "true"      // values can be "true", "false", "certs"
}

You will get the above JSON reply when verbose is "false" Plus all the certs. Most time, you may only need the SSL Certificate and Intermediate CA, then you put the verbose value to be "certs"

-----SSL Certificate:-----
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----

-----Intermediate CA-----
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----

-----Private Key-----
-----BEGIN RSA PRIVATE KEY-----
....
-----END RSA PRIVATE KEY-----

-----Domain CSR-----
-----BEGIN CERTIFICATE REQUEST-----
.....
-----END CERTIFICATE REQUEST-----

{
   "code":"0",
   "message":"Success",
   "SSL":{
      "expiration date":"2021-05-28",
      "domain":"example.com",
      "type":"regular",
      "issue date":"2021-02-27",
      "status":"OK"
   }
}

Renew Domain SSL

Example JSON File to renew the Let's Encrypt SSL for a domain 
{
   "apikey": "your-api-key",
   "domain": "example.com",
   "action": "renew",
   "verbose": "true"    // "false"  or "true", when "true", you will see the progress of renewing the SSL. The renew process may take a few minutes
}

Upon successfully renew, you should get a JSon data at the end with code:0 to indicate the SSL has been renewed successfully.

{
   "code":"0",
   "message":"Success",
   "details":["....."]
}

Download Domain SSL

You can download a SSL certificate with the following JSon: 
{
   "apikey": "your-api-key",
   "domain": "example.com",
   "action": "download",
   "file": "cert"				|| file can be "CSR", "cert", "CA", "privatekey"
}

Alternatively, you can put the value of file to be either "CA", "CSR", "privatekey" to download the Intermediate CA, CSR, or private key of the SSL certificate. 

>> curl  -H "Content-Type: application/json" --data @/path/jason-file https://api.dnsexit.com/dns/lse.jsp
It will display the following output: 
-----SSL Certificate:-----
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----

Alternatively you can pipe the above command to your certificate file

>> curl  -H "Content-Type: application/json" --data @/path/jason-file https://api.dnsexit.com/dns/lse.jsp > /path-to-your-ssl/domain.cert