Check the replacement of a Certificate

POST/certificates/{certificateId}/actions/check-replace-certificate/

API version

v2

Request method

POST

Operation ID

ssl-check-replace-certificate

---

Checks the replacement of a Certificate and shows differences between the current and the new Certificate.

Request

• certificateIdstring (uuid)

  required

Responses

Format

application/json

Beschreibung

OK

Schema-Dokumentation

• changesobject
  • commonNameobject
    • newValuestring

      required
    • oldValuestring

      required
  • dnsNamesobject
    • addedValuesarray of string

      required
      • Array[
      • *string
      ]
  • removedValuesarray of string

    required
    • Array[
    • *string
    ]
• valuesarray of string

  required
  • Array[
  • *string
  ]

issuerobject

• newValuestring

  required
• oldValuestring

  required

validFromobject

• newValuestring (date-time)

  required
• oldValuestring (date-time)

  required

validToobject

• newValuestring (date-time)

  required
• oldValuestring (date-time)

  required

errorsarray of object

• Array[
• *object
  • messageone of 18 alternatives

    required
    • Alternative"certificate_read_failed"

      Failed to read the certificate.

    • *"certificate_read_failed"

      Failed to read the certificate.

  • Alternative"certificate_decode_failed"

    Failed to decode the certificate.

  • *"certificate_decode_failed"

    Failed to decode the certificate.

• Alternative"certificate_parsing_failed"

  An error occurred while parsing the certificate.

• *"certificate_parsing_failed"

  An error occurred while parsing the certificate.

Alternative"certificate_self_signed"

The certificate is self-signed.

*"certificate_self_signed"

The certificate is self-signed.

Alternative"certificate_not_authorized_to_sign"

The certificate is not authorized to sign.

*"certificate_not_authorized_to_sign"

The certificate is not authorized to sign.

Alternative"certificate_expired"

The certificate has expired.

*"certificate_expired"

The certificate has expired.

Alternative"ca_not_authorized_for_this_name"

The Certificate Authority (CA) is not authorized for this name.

*"ca_not_authorized_for_this_name"

The Certificate Authority (CA) is not authorized for this name.

Alternative"too_many_intermediates"

There are too many intermediate certificates.

*"too_many_intermediates"

There are too many intermediate certificates.

Alternative"incompatible_usage"

The certificate's usage is incompatible.

*"incompatible_usage"

The certificate's usage is incompatible.

Alternative"unknown_authority"

The certificate is signed by an unknown authority.

*"unknown_authority"

The certificate is signed by an unknown authority.

Alternative"private_key_read_failed"

Failed to read the private key.

*"private_key_read_failed"

Failed to read the private key.

Alternative"private_key_decode_failed"

Failed to decode the private key.

*"private_key_decode_failed"

Failed to decode the private key.

Alternative"private_key_parse_failed"

An error occurred while parsing the private key.

*"private_key_parse_failed"

An error occurred while parsing the private key.

Alternative"private_key_encrypted"

The private key is encrypted.

*"private_key_encrypted"

The private key is encrypted.

Alternative"private_key_not_rsa"

The private key is not RSA.

*"private_key_not_rsa"

The private key is not RSA.

Alternative"private_key_mismatch"

The private key does not match the certificate.

*"private_key_mismatch"

The private key does not match the certificate.

Alternative"unknown_cloudflare_error"

An unknown error occurred related to Cloudflare.

*"unknown_cloudflare_error"

An unknown error occurred related to Cloudflare.

Alternative"unknown"

An unknown error occurred.

*"unknown"

An unknown error occurred.

]

isReplaceableboolean

required

Beispiel

{
  "changes": {
    "commonName": {
      "newValue": "string",
      "oldValue": "string"
    },
    "dnsNames": {
      "addedValues": [
        "string"
      ],
      "removedValues": [
        "string"
      ],
      "values": [
        "string"
      ]
    },
    "issuer": {
      "newValue": "string",
      "oldValue": "string"
    },
    "validFrom": {
      "newValue": "2025-01-18T00:31:00.461Z",
      "oldValue": "2025-01-18T00:31:00.461Z"
    },
    "validTo": {
      "newValue": "2025-01-18T00:31:00.461Z",
      "oldValue": "2025-01-18T00:31:00.461Z"
    }
  },
  "errors": [
    {
      "message": "certificate_read_failed"
    }
  ],
  "isReplaceable": true
}

JSON Schema

{
  "properties": {
    "changes": {
      "properties": {
        "commonName": {
          "properties": {
            "newValue": {
              "type": "string"
            },
            "oldValue": {
              "type": "string"
            }
          },
          "required": [
            "oldValue",
            "newValue"
          ],
          "type": "object"
        },
        "dnsNames": {
          "properties": {
            "addedValues": {
              "items": {
                "type": "string"
              },
              "type": "array"
            },
            "removedValues": {
              "items": {
                "type": "string"
              },
              "type": "array"
            },
            "values": {
              "items": {
                "type": "string"
              },
              "type": "array"
            }
          },
          "required": [
            "values",
            "addedValues",
            "removedValues"
          ],
          "type": "object"
        },
        "issuer": {
          "properties": {
            "newValue": {
              "type": "string"
            },
            "oldValue": {
              "type": "string"
            }
          },
          "required": [
            "oldValue",
            "newValue"
          ],
          "type": "object"
        },
        "validFrom": {
          "properties": {
            "newValue": {
              "format": "date-time",
              "type": "string"
            },
            "oldValue": {
              "format": "date-time",
              "type": "string"
            }
          },
          "required": [
            "oldValue",
            "newValue"
          ],
          "type": "object"
        },
        "validTo": {
          "properties": {
            "newValue": {
              "format": "date-time",
              "type": "string"
            },
            "oldValue": {
              "format": "date-time",
              "type": "string"
            }
          },
          "required": [
            "oldValue",
            "newValue"
          ],
          "type": "object"
        }
      },
      "type": "object"
    },
    "errors": {
      "items": {
        "properties": {
          "message": {
            "oneOf": [
              {
                "description": "Failed to read the certificate.",
                "enum": [
                  "certificate_read_failed"
                ],
                "type": "string"
              },
              {
                "description": "Failed to decode the certificate.",
                "enum": [
                  "certificate_decode_failed"
                ],
                "type": "string"
              },
              {
                "description": "An error occurred while parsing the certificate.",
                "enum": [
                  "certificate_parsing_failed"
                ],
                "type": "string"
              },
              {
                "description": "The certificate is self-signed.",
                "enum": [
                  "certificate_self_signed"
                ],
                "type": "string"
              },
              {
                "description": "The certificate is not authorized to sign.",
                "enum": [
                  "certificate_not_authorized_to_sign"
                ],
                "type": "string"
              },
              {
                "description": "The certificate has expired.",
                "enum": [
                  "certificate_expired"
                ],
                "type": "string"
              },
              {
                "description": "The Certificate Authority (CA) is not authorized for this name.",
                "enum": [
                  "ca_not_authorized_for_this_name"
                ],
                "type": "string"
              },
              {
                "description": "There are too many intermediate certificates.",
                "enum": [
                  "too_many_intermediates"
                ],
                "type": "string"
              },
              {
                "description": "The certificate's usage is incompatible.",
                "enum": [
                  "incompatible_usage"
                ],
                "type": "string"
              },
              {
                "description": "The certificate is signed by an unknown authority.",
                "enum": [
                  "unknown_authority"
                ],
                "type": "string"
              },
              {
                "description": "Failed to read the private key.",
                "enum": [
                  "private_key_read_failed"
                ],
                "type": "string"
              },
              {
                "description": "Failed to decode the private key.",
                "enum": [
                  "private_key_decode_failed"
                ],
                "type": "string"
              },
              {
                "description": "An error occurred while parsing the private key.",
                "enum": [
                  "private_key_parse_failed"
                ],
                "type": "string"
              },
              {
                "description": "The private key is encrypted.",
                "enum": [
                  "private_key_encrypted"
                ],
                "type": "string"
              },
              {
                "description": "The private key is not RSA.",
                "enum": [
                  "private_key_not_rsa"
                ],
                "type": "string"
              },
              {
                "description": "The private key does not match the certificate.",
                "enum": [
                  "private_key_mismatch"
                ],
                "type": "string"
              },
              {
                "description": "An unknown error occurred related to Cloudflare.",
                "enum": [
                  "unknown_cloudflare_error"
                ],
                "type": "string"
              },
              {
                "description": "An unknown error occurred.",
                "enum": [
                  "unknown"
                ],
                "type": "string"
              }
            ]
          }
        },
        "required": [
          "message"
        ],
        "type": "object"
      },
      "type": "array"
    },
    "isReplaceable": {
      "type": "boolean"
    }
  },
  "required": [
    "isReplaceable"
  ],
  "type": "object"
}

Usage examples

cURL

$ curl \
    --fail \
    --location \
    -X POST \
    -d '{"certificate":"string","privateKey":"string"}' \
    -H "Authorization: Bearer $MITTWALD_API_TOKEN" \
    -H 'Content-Type: application/json' \
    https://api.mittwald.de/v2/certificates/f0f86186-0a5a-45b2-aa33-502777496347/actions/check-replace-certificate

JavaScript SDK

import { MittwaldAPIV2Client } from "@mittwald/api-client";
import { assertStatus } from "@mittwald/api-client-commons";
  
const client = MittwaldAPIClient.newWithToken(process.env.MITTWALD_API_TOKEN);
const response = await client.domain.sslCheckReplaceCertificate({
  "certificateId": "f0f86186-0a5a-45b2-aa33-502777496347",
  "data": {
    "certificate": "string",
    "privateKey": "string"
  }
});

assertStatus(response, 200);
  

PHP SDK

use \Mittwald\ApiClient\Generated\V2\Clients\Domain\SslCheckReplaceCertificate\SslCheckReplaceCertificateRequest;
use \Mittwald\ApiClient\Generated\V2\Clients\Domain\SslCheckReplaceCertificate\SslCheckReplaceCertificateRequestBody;
  
$client = MittwaldAPIClient::newWithToken(getenv('MITTWALD_API_TOKEN'));

// TODO: Please consult the properties and constructor signature of
// SslCheckReplaceCertificateRequestBody to learn how to construct a valid instance
$body = new SslCheckReplaceCertificateRequestBody(/* TODO: ... */);

$request = (new SslCheckReplaceCertificateRequest(
  certificateId: "f0f86186-0a5a-45b2-aa33-502777496347",
  body: $body
));
$response = $client->domain()->sslCheckReplaceCertificate($request);

var_dump($response->getBody();