1. API Description
Domain name for API request: ssl.intl.tencentcloudapi.com.
This API is used to get certificate information.
A maximum of 10 requests can be initiated per second for this API.
We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name |
Required |
Type |
Description |
| Action |
Yes |
String |
Common Params. The value used for this API: DescribeCertificate. |
| Version |
Yes |
String |
Common Params. The value used for this API: 2019-12-05. |
| Region |
No |
String |
Common Params. This parameter is not required for this API. |
| CertificateId |
Yes |
String |
Certificate ID |
3. Output Parameters
| Parameter Name |
Type |
Description |
| OwnerUin |
String |
User UIN
Note: this field may return null, indicating that no valid values can be obtained. |
| ProjectId |
String |
Project ID
Note: this field may return null, indicating that no valid values can be obtained. |
| From |
String |
Certificate source:
trustAsia.
upload.
wosign.
sheca.
Note: this field may return null, indicating that no valid values can be obtained. |
| CertificateType |
String |
Certificate type. CA: client certificate; SVR: server certificate
Note: this field may return null, indicating that no valid values can be obtained. |
| PackageType |
String |
Certificate package type:.
Null: user uploads a certificate (without package type),.
2: trustasia tls rsa ca,.
3: securesite enhanced enterprise edition (ev pro),.
4: securesite enhanced (ev),.
5: securesite enterprise professional edition (ov pro).
6: securesite enterprise edition (ov).
7: securesite enterprise edition (ov) wildcard.
8: geotrust enhanced (ev).
9: geotrust enterprise edition (ov).
10: geotrust enterprise (ov) wildcard cert.
11: trustasia domain name-based multiple domain names ssl certificate.
12: trustasia domain name-based (dv) wildcard cert.
13: trustasia enterprise wildcard (ov) ssl certificate (d3).
14: trustasia enterprise (ov) ssl certificate (d3).
15: trustasia enterprise multiple domain names (ov) ssl certificate (d3).
16: trustasia enhanced (ev) ssl certificate (d3).
17: trustasia enhanced multiple domain names (ev) ssl certificate (d3).
18: globalsign enterprise (ov) ssl certificate.
19: globalsign enterprise wildcard (ov) ssl certificate.
20: globalsign enhanced (ev) ssl certificate.
21: trustasia enterprise wildcard multiple domain names (ov) ssl certificate (d3).
22: globalsign enterprise multiple domain names (ov) ssl certificate.
23: globalsign enterprise wildcard multiple domain names (ov) ssl certificate.
24: globalsign enhanced multiple domain names (ev) ssl certificate.
25: wotrus domain cert.
26: wotrus multi - domain name cert.
27: wotrus wildcard cert.
28: wotrus enterprise cert.
29: wotrus enterprise multi - domain name cert.
30: wotrus enterprise wildcard certificate.
31: wotrus enhanced certificate.
32: wotrus enhanced multi - domain name certificate.
33: wotrus - national cryptography domain - name certificate.
34: wotrus - national cryptography domain - name certificate (multiple domain names).
35: wotrus-national cryptography wildcard domain certificate.
37: wotrus-national cryptography enterprise certificate.
38: wotrus-national cryptography enterprise certificate (multiple domain names).
39: wotrus-national cryptography enterprise certificate (wildcard).
40: wotrus-national cryptography enhanced certificate.
41: wotrus - national cryptography enhanced certificate (multiple domain names).
42: trustasia - domain name certificate (wildcard multiple domain names).
43: DNSPod - enterprise (ov) ssl certificate.
44: DNSPod - enterprise (ov) wildcard ssl certificate.
45: DNSPod - enterprise (ov) multiple domain names ssl certificate.
46: dnspod-enhanced (ev) ssl certificate.
47: dnspod-enhanced (ev) multiple domain names ssl certificate.
48: dnspod-domain name-based (dv) ssl certificate.
49: dnspod-domain name-based (dv) wildcard ssl certificate.
50: dnspod-domain name-based (dv) multiple domain names ssl certificate.
51: DNSPod (national cryptography) - enterprise (ov) ssl certificate.
52: DNSPod (national cryptography) - enterprise (ov) wildcard ssl certificate.
53: DNSPod (national cryptography) - enterprise (ov) multiple domain names ssl certificate.
54: DNSPod (national cryptography) - domain name-based (dv) ssl certificate.
55: DNSPod (national cryptography) - domain name-based (dv) wildcard ssl certificate.
56: DNSPod (national cryptography) - domain name-based (dv) multiple domain names ssl certificate.
57: securesite enterprise professional version multiple domain names (ov pro).
58: securesite enterprise multiple domain names (ov).
59: securesite enhanced professional version multiple domain names (ev pro).
60: securesite enhanced multiple domain names (ev).
61: geotrust enhanced multiple domain names (ev).
75: securesite enterprise (ov).
76: securesite enterprise (ov) wildcard.
77: securesite enhanced (ev).
78: geotrust enterprise (ov).
79: geotrust enterprise (ov) wildcard.
80: geotrust enhanced (ev).
81: globalsign enterprise (ov) ssl certificate.
82: globalsign enterprise wildcard (ov) ssl certificate.
83: trustasia c1 dv free.
85: globalsign enhanced (ev) ssl certificate.
88: globalsign enterprise wildcard multiple domain names (ov) ssl certificate.
89: globalsign enterprise multiple domain names (ov) ssl certificate.
90: globalsign enhanced multiple domain names (ev) ssl certificate.
91: geotrust enhanced multiple domain names (ev).
92: securesite enterprise ov pro for multiple domain names.
93: securesite enterprise for multiple domain names (ov).
94: securesite ev pro for multiple domain names.
95: securesite ev for multiple domain names.
96: securesite ev pro.
97: securesite enterprise professional version (ov pro).
98: cfca enterprise (ov) ssl certificate.
99: cfca enterprise multiple domain names (ov) ssl certificate.
100: cfca enterprise wildcard (ov) ssl certificate.
101: cfca enhanced (ev) ssl certificate.
Note: this field may return null, indicating that no valid values can be obtained. |
| ProductZhName |
String |
Certificate product name.
Note: this field may return null, indicating that no valid values can be obtained. |
| Domain |
String |
Domain name
Note: this field may return null, indicating that no valid values can be obtained. |
| Alias |
String |
Alias
Note: this field may return null, indicating that no valid values can be obtained. |
| Status |
Integer |
Certificate status: 0 = under review, 1 = approved, 2 = review failed, 3 = expired, 4 = dns records added automatically, 5 = enterprise certificate, pending documentation submission, 6 = order cancellation in progress, 7 = canceled, 8 = documents submitted, pending upload of confirmation letter, 9 = certificate revocation in progress, 10 = revoked, 11 = reissue in progress, 12 = pending upload of revocation confirmation letter, 13 = free certificate pending document submission, 14 = certificate has been refunded, 15 = certificate migration in progress.
Note: this field may return null, indicating that no valid values can be obtained. |
| StatusMsg |
String |
Status information. valid values:.
//Common status information.
1. pre-reviewing: prereviewing.
2. legal-reviewing: under legal review.
3. ca-reviewing: under ca review.
4. pending-dcv: under domain verification.
5. wait-issue: waiting for issuance (domain verification passed).
//Certificate review failure status information.
Order review failed.
CA review failed; the domain name did not pass the security review.
Domain verification timed out, and the order was automatically closed. please reapply for the certificate.
The certificate information did not pass the review by the certificate authority. the reviewer will call the contact information reserved for the certificate. please pay attention to the incoming call. subsequently, you can resubmit the information through "modify information".
To be continuously improved.
Note: this field may return null, indicating that no valid values can be obtained. |
| VerifyType |
String |
Validation type: DNS_AUTO = automatic dns validation, DNS = manual dns validation, FILE = file verification, DNS_PROXY = dns proxy validation, FILE_PROXY = file proxy validation.
Note: this field may return null, indicating that no valid values can be obtained. |
| VulnerabilityStatus |
String |
Vulnerability scanning status
Note: this field may return null, indicating that no valid values can be obtained. |
| CertBeginTime |
String |
Time when the certificate takes effect
Note: this field may return null, indicating that no valid values can be obtained. |
| CertEndTime |
String |
Time when the certificate expires
Note: this field may return null, indicating that no valid values can be obtained. |
| ValidityPeriod |
String |
Validity period of the certificate, in months
Note: this field may return null, indicating that no valid values can be obtained. |
| InsertTime |
String |
Application time
Note: this field may return null, indicating that no valid values can be obtained. |
| OrderId |
String |
Order ID
Note: this field may return null, indicating that no valid values can be obtained. |
| CertificateExtra |
CertificateExtra |
Extended information of the certificate
Note: this field may return null, indicating that no valid values can be obtained. |
| DvAuthDetail |
DvAuthDetail |
DV authentication information
Note: this field may return null, indicating that no valid values can be obtained. |
| VulnerabilityReport |
String |
Vulnerability scanning assessment report
Note: this field may return null, indicating that no valid values can be obtained. |
| CertificateId |
String |
Certificate ID
Note: this field may return null, indicating that no valid values can be obtained. |
| PackageTypeName |
String |
Certificate type name
Note: this field may return null, indicating that no valid values can be obtained. |
| StatusName |
String |
Status description
Note: this field may return null, indicating that no valid values can be obtained. |
| SubjectAltName |
Array of String |
Domain names associated with the certificate (including the primary domain name)
Note: this field may return null, indicating that no valid values can be obtained. |
| IsVip |
Boolean |
Whether the customer is a VIP customer
Note: this field may return null, indicating that no valid values can be obtained. |
| IsWildcard |
Boolean |
Whether the certificate is a wildcard certificate
Note: this field may return null, indicating that no valid values can be obtained. |
| IsDv |
Boolean |
Whether the certificate is a DV certificate
Note: this field may return null, indicating that no valid values can be obtained. |
| IsVulnerability |
Boolean |
Whether the vulnerability scanning feature is enabled
Note: this field may return null, indicating that no valid values can be obtained. |
| RenewAble |
Boolean |
Whether the certificate can be reissued
Note: this field may return null, indicating that no valid values can be obtained. |
| SubmittedData |
SubmittedData |
Submitted data
Note: this field may return null, indicating that no valid values can be obtained. |
| Deployable |
Boolean |
Whether the certificate can be deployed
Note: this field may return null, indicating that no valid values can be obtained. |
| Tags |
Array of Tags |
List of tags
Note: this field may return null, indicating that no valid values can be obtained. |
| CAEncryptAlgorithms |
Array of String |
All encryption methods of the ca certificate. only valid when the certificate type CertificateType is ca.
Note: this field may return null, indicating that no valid values can be obtained. |
| CACommonNames |
Array of String |
All common names of the ca certificate. only valid when the certificate type CertificateType is ca.
Note: this field may return null, indicating that no valid values can be obtained. |
| CAEndTimes |
Array of String |
All expiration times of the ca certificate. only valid when the certificate type CertificateType is ca.
Note: this field may return null, indicating that no valid values can be obtained. |
| DvRevokeAuthDetail |
Array of DvAuths |
The authentication value for DV certificate revocation.
Note: This field may return null, indicating that no valid values can be obtained. |
| RequestId |
String |
The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
4. Example
Obtain certificate information
POST / HTTP/1.1
Host: ssl.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeCertificate
<Common request parameters>
{
"CertificateId": "hhe**jjsj"
}
Output Example
{
"Response": {
"OwnerUin": "100017***920",
"ProjectId": "0",
"From": "trustasia",
"CertificateType": "SVR",
"PackageType": "83",
"ProductZhName": "TrustAsia C1 DV Free",
"Domain": "zrhh.online",
"Alias": "",
"Status": 1,
"StatusMsg": "CA-REVIEWING",
"VerifyType": "DNS_AUTO",
"VulnerabilityStatus": "INACTIVE",
"CertBeginTime": "2024-11-27 08:00:00",
"CertEndTime": "2025-02-26 07:59:59",
"ValidityPeriod": "3",
"InsertTime": "2024-11-27 17:44:36",
"OrderId": "Hy***85G_mZOLxSuw",
"DvAuthDetail": {
"DvAuths": null,
"DvAuthKey": null,
"DvAuthValue": null,
"DvAuthDomain": null,
"DvAuthPath": null,
"DvAuthKeySubDomain": ""
},
"VulnerabilityReport": null,
"CertificateId": "Juz8JAxn",
"StatusName": "Issued"
"SubjectAltName": [
"www.zrhh.online"
],
"IsVip": false,
"IsWildcard": false,
"IsDv": true,
"IsVulnerability": false,
"RenewAble": false,
"SubmittedData": null,
"Deployable": true,
"Tags": [],
"CAEncryptAlgorithms": [],
"CACommonNames": [],
"CAEndTimes": [],
"DvRevokeAuthDetail": [],
"CertificateExtra": {
"SMCert": 0,
"ReplacedBy": null,
"OriginCertificateId": null,
"ReplacedFor": null,
"RenewOrder": null,
"DomainNumber": "1",
"CompanyType": 1
},
"PackageTypeName": "TrustAsia C1 DV Free",
"RequestId": "14727a68-3b90-4408-99c9-dea6d7de9456"
}
}
5. Developer Resources
SDK
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
Command Line Interface
6. Error Code
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code |
Description |
| FailedOperation |
Operation failed. |
| FailedOperation.AuthError |
You do not have permission to perform this operation. |
| FailedOperation.CancelOrderFailed |
Failed to cancel the order. |
| FailedOperation.CannotBeDeletedIssued |
Failed to delete the certificate because it has been issued. |
| FailedOperation.CannotBeDeletedWithinHour |
Free certificates cannot be deleted within 1 hour after being applied for. |
| FailedOperation.CannotGetOrder |
Failed to get order information. Try again later. |
| FailedOperation.CertificateInvalid |
The certificate is invalid. |
| FailedOperation.CertificateMismatch |
The certificate and the private key do not match. |
| FailedOperation.CertificateNotFound |
The certificate does not exist. |
| FailedOperation.ExceedsFreeLimit |
The number of free certificates exceeds the maximum value. |
| FailedOperation.InvalidCertificateStatusCode |
The certificate status is incorrect. |
| FailedOperation.InvalidParam |
Incorrect parameters. |
| FailedOperation.NetworkError |
The CA system is busy. Try again later. |
| FailedOperation.NoProjectPermission |
You do not have the permission to operate on this project. |
| FailedOperation.NoRealNameAuth |
You have not completed the identity verification. |
| FailedOperation.OrderAlreadyReplaced |
This order has already been replaced. |
| FailedOperation.OrderReplaceFailed |
Failed to reissue a certificate. |
| InternalError |
Internal error. |
| LimitExceeded.RateLimitExceeded |
The API rate limit is reached. |