Threat intelligence API Docs Pricing Solutions Resources Contact us
Threat Intelligence Platform

Threat intelligence API docs

SSL Certificate Chain API Code samples

For a given domain name, get detailed information about its SSL Certificate and the complete SSL Certificate chain. The data is provided in a unified and consistent JSON format and could be easily integrated with your system.

GEThttps://api.threatintelligenceplatform.com/v1/sslCertificatesChain?domainName=threatintelligenceplatform.com&apiKey=YOUR_API_KEY

Input parameters

Parameter
Type
What it means
domainName (required) string The target domain name.
apiKey (required) string Get your personal API KEY on My subscriptions page.

Sample output

A response contains the array of SSL certificates.

[
  {
    "chainHierarchy":"end-user",
    "commonName":"*.threatintelligenceplatform.com",
    "type":"Domain validated",
    "validFrom":"2017-10-17 00:00:00",
    "validTo":"2020-10-16 23:59:59",
    "serialNumber":"84:2B:1B:F4:9C:EE:11:53:04:29:A3:36:7B:19:B9:EA",
    "signatureAlgorithm":"sha256WithRSAEncryption",
    "subject":{
      "organizationalUnit":[
        "Domain Control Validated",
        "PositiveSSL Wildcard"
      ],
      "commonName":"*.threatintelligenceplatform.com"
    },
    "issuer":{
      "country":"GB",
      "province":"Greater Manchester",
      "city":"Salford",
      "organization":"COMODO CA Limited",
      "commonName":"COMODO RSA Domain Validation Secure Server CA"
    },
    "purposes":[
      "sslclient",
      "sslserver",
      "nssslserver",
      "any",
      "ocsphelper"
    ],
    "purposesCA":[
      "any"
    ],
    "publicKey":{
      "type":"rsa",
      "bits":"2048",
      "pem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQz4kxCMTiTHWYrVX9tI\n8in4daXjIuwzo2sY5PdTJuc2PUXMR8NR/wKResrIz4PVljSWZljFG6mlKjjHLAec\n0HJx6zhT3GL69m58KnAZGdO8W2pxzzdAcrP8NjSZAPphc2US0A9/Wgg1g1dv9pa4\njGj9F7znvXXwBJxAHrCw/02LvviHrMxTbz5Rgu2COuBhKyul+Ggl5OsBoxBEOtrD\nKn2UVUwtaLppB6jkOzZqWxmUJvwl31Y9HkwaPxOn6eSdqa+0k0CLFTm6uxHfYek5\niuRUJRdqbAAWp0pXJqpQBZ6Go9iL2wgNrxNZzDpAvGHxMxoeNX9rhhrjIz05drGb\nvQIDAQAB\n-----END PUBLIC KEY-----\n"
    },
    "extensions":{
      "authorityKeyIdentifier":"keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7\n",
      "subjectKeyIdentifier":"C3:15:49:13:26:27:12:50:F2:FF:F7:4F:DD:4D:96:43:52:4F:08:B7",
      "keyUsage":"Digital Signature, Key Encipherment",
      "basicConstraints":"CA:FALSE",
      "extendedKeyUsage":"TLS Web Server Authentication, TLS Web Client Authentication",
      "certificatePolicies":"Policy: 1.3.6.1.4.1.6449.1.2.2.7\n  CPS: https://secure.comodo.com/CPS\nPolicy: 2.23.140.1.2.1\n",
      "crlDistributionPoints":"\nFull Name:\n  URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl\n",
      "authorityInfoAccess":"CA Issuers - URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt\nOCSP - URI:http://ocsp.comodoca.com\n",
      "subjectAltName":"DNS:*.threatintelligenceplatform.com, DNS:threatintelligenceplatform.com"
    },
    "certificatePEM":"-----BEGIN CERTIFICATE-----\nMIIFiDCCBHCgAwIBAgIRAIQrG/Sc7hFTBCmjNnsZueowDQYJKoZIhvcNAQELBQAw\ngZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\nBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD\nVQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg\nQ0EwHhcNMTcxMDE3MDAwMDAwWhcNMjAxMDE2MjM1OTU5WjBtMSEwHwYDVQQLExhE\nb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxHTAbBgNVBAsTFFBvc2l0aXZlU1NMIFdp\nbGRjYXJkMSkwJwYDVQQDDCAqLnRocmVhdGludGVsbGlnZW5jZXBsYXRmb3JtLmNv\nbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALEM+JMQjE4kx1mK1V/b\nSPIp+HWl4yLsM6NrGOT3UybnNj1FzEfDUf8CkXrKyM+D1ZY0lmZYxRuppSo4xywH\nnNByces4U9xi+vZufCpwGRnTvFtqcc83QHKz/DY0mQD6YXNlEtAPf1oINYNXb/aW\nuIxo/Re857118AScQB6wsP9Ni774h6zMU28+UYLtgjrgYSsrpfhoJeTrAaMQRDra\nwyp9lFVMLWi6aQeo5Ds2alsZlCb8Jd9WPR5MGj8Tp+nknamvtJNAixU5ursR32Hp\nOYrkVCUXamwAFqdKVyaqUAWehqPYi9sIDa8TWcw6QLxh8TMaHjV/a4Ya4yM9OXax\nm70CAwEAAaOCAf0wggH5MB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrn\nMB0GA1UdDgQWBBTDFUkTJicSUPL/90/dTZZDUk8ItzAOBgNVHQ8BAf8EBAMCBaAw\nDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYD\nVR0gBEgwRjA6BgsrBgEEAbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3Nl\nY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZD\naHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlv\nblNlY3VyZVNlcnZlckNBLmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAC\nhkNodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0\naW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5j\nb21vZG9jYS5jb20wSwYDVR0RBEQwQoIgKi50aHJlYXRpbnRlbGxpZ2VuY2VwbGF0\nZm9ybS5jb22CHnRocmVhdGludGVsbGlnZW5jZXBsYXRmb3JtLmNvbTANBgkqhkiG\n9w0BAQsFAAOCAQEAhASoxGbJrLM2HAQBerSl8AOF3gw2MpSCvw3oUfIro+z0IK22\n2wAXdFNgJ+5lf9OQhcb+eE0/HnRZzPnl/frKVattBvkLXO/nMsRISRdcFZy+Xe5a\nk7/UbtzQwRB3V158zTg+qy9FMBL3aZf6GKgJWnQR+FtPVxOBwzFb3BeH3Zk/6Nsq\nZzgdEBTKlz+19qKmHZWt6hqrXXW4IQEFlg9HFL55WgR1bLf/JEH1Kx4cTr5OpL0e\na0K5lOPyRuxZvHoP034ukZ4DEC5BbGW1OqyQJ+4FSJBr10RErXtRaanNnbO+zT33\nPsvFy+VE9hP2LWze72Czx0xHH8OK1nQ/PXCRug==\n-----END CERTIFICATE-----\n"
  }
]

The data returned

Field
Type
What it means
chainHierarchy string Position in the certificates chain: End-user, Intermediate or Root.
commonName string The certificate's common name.
type string

The certificate's validation type:

  • Domain validation
  • Organization validation
  • Extended validation

You can read more about SSL certifications types in the general TIP documentation.
validFrom datetime The date and time (UTC) the certificate is valid from.
validTo datetime The date and time (UTC) the certificate expires.
subject object Who the certificate was issued to.
subject.country string (C) Country
subject.province string (S) Province/State
subject.city string (L) City
subject.organization string (O) Organization
subject.organizationalUnit string|array Organization unit (OU)
subject.commonName string (CN) Certificate's common name
subject.businessCategory string Business category
subject.incorporationAddress string Incorporation address
issuer object The one who issued the certificate. The details include the same fields as the Subject object does.
serialNumber string Uniquely identifies the certificate within Certificate Authority (CA) systems to track revocation information.
signatureAlgorithm string The algorithm used to sign the public key certificate.
purposes array A list of allowed purposes the certificate can be used for
purposesCA array A list of allowed purposes the certificate can be used for when acting as a Certificate Authority.
publicKey object Public key information.
publickKey.type string Public key type.
publicKey.bits integer Public key size in bits.
publicKey.pem string PEM ( Privacy-enhanced Electronic Mail)-formatted public key.
extensions object

Available certificate extensions. Object case is an extension name in camel case notation. You can see the list of possible extensions here:

https://knowledge.symantec.com/support/partner/index?page=content&actp=CROSSLINK&id=SO18140

certificatePEM string Server's PEM-formatted SSL certificate.
Have questions?

We work hard to improve our services for you. As part of that, we welcome your feedback, questions and suggestions. Please let us know your thoughts and feelings, and any way in which you think we can improve our product.

For a quick response, please select the request type that best suits your needs.

Or shoot us an email to

Threat Intelligence Platform uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.