OpenSRS Trust Service API Command Reference · Step 1 – Use the parse_csr command to parse the...

OpenSRS Trust ServiceAPI Command Reference

September 20, 2012

Table of ContentsIntroduction.............................................................................................................4

Purchasing Trust Services .................................................................................4Before you begin..............................................................................................4Submitting a Trust Service SSL certificate order.............................................5

Contact Set..........................................................................................................5Trust Service contacts.....................................................................................6Admin, Billing, Signer, and Tech contact requirements..................................8Organization contact requirements..................................................................9Examples for contact set...............................................................................10

Trust Service API commands...............................................................................14sw_register (trust_service)................................................................................14

Request parameters for sw_register (trust_service).....................................15Response parameters for sw_register (trust_service)..................................24Examples for sw_register..............................................................................25

cancel_free_trial................................................................................................59Request parameters for cancel_free_trial.....................................................60Response parameters for cancel_free_trial..................................................60Examples for cancel_free_trial......................................................................61

cancel_order......................................................................................................64Request parameters for cancel_order...........................................................64Response parameters for cancel_order........................................................64Examples for cancel_order............................................................................65

create_token......................................................................................................68Request parameters for create_token...........................................................68Response parameters for create_token........................................................69Examples for create_token............................................................................69

get_cert..............................................................................................................72Request parameters for get_cert...................................................................72Response parameters for get_cert................................................................73Examples for get_cert....................................................................................76

get_order_info...................................................................................................90Request parameters for get_order_info........................................................90Response parameters for get_order_info......................................................90Examples for get_order_info.........................................................................96

get_product_info..............................................................................................101Request parameters for get_product_info...................................................101Response parameters for get_product_info................................................102Examples for get_product_info....................................................................105

get_products....................................................................................................119Request parameters for get_products.........................................................119

Response parameters for get_products......................................................120Examples for get_products..........................................................................123

parse csr..........................................................................................................126Request parameters for parse_csr..............................................................126Response parameters for parse_csr...........................................................127Examples for parse_csr...............................................................................129

process_pending.............................................................................................132Request parameters for process_pending..................................................132Response parameters for process_pending...............................................132Examples for process_pending...................................................................133

query_approver_list.........................................................................................136Request parameters for query_approver_list..............................................136Response parameters for query_approver_list...........................................137Examples for query_approver_list...............................................................138

request_on_demand_scan..............................................................................143Request parameters for request_on_demand_scan...................................143Response parameters for request_on_demand_scan................................144Examples for request_on_demand_scan....................................................144

resend_approve_email....................................................................................148Request parameters for resend_approve_email.........................................148Response parameters for resend_approve_email......................................149Examples for resend_approve_email..........................................................149

resend_cert_email...........................................................................................152Request parameters for resend_cert_email................................................152Response parameters for resend_cert_email.............................................153Examples for resend_cert_email.................................................................153

update_order...................................................................................................156Request parameters for update_order........................................................156Response parameters for update_order.....................................................163Examples for update_order.........................................................................164

update_product...............................................................................................171Request parameters for update_product.....................................................171Response parameters for update_product..................................................172Examples for update_product......................................................................173

Revisions.............................................................................................................176

IntroductionThis guide provides information about the commands that are specific to the OpenSRS Trust Service.

Purchasing Trust Services Each request for a Trust Service product generates an order record with an associated order ID. The order record represents the purchase order for the product and tracks the product request through to the final issuance of the product itself by the Trust Service Provider. Once a Trust Service product is successfully issued, it is considered to be an object in its own right and is tracked by a product ID. These concepts also apply to the search functionality which is discussed later in this document.

Note: Some Trust Service products have associated services that can be initiated, or turned on or off. When making such a request, it is the product itself that is referenced, not the order record.

Before you beginWhen collecting data from a customer who is purchasing a Trust Service product, we recommend that you take two initial steps before submitting an order.

Step 1 – Use the parse_csr command to parse the CSR for the certificate that is submitted by the purchaser to obtain the encoded CSR data. You can then ask the purchaser to confirm the CSR.

Step 2 (Domain Vetted Certificates Only) - Use the query_approver_list command to query the list of email addresses that are associated with the purchasing customer and ask them to choose one address to ensure they can receive the approval email.

When an order is submitted through the API for a domain vetted certificate, an approval email is sent out by the Trust Service Provider. The customer needs to be able to receive the email, follow its instructions, and approve the Trust Service procurement request.

The email addresses that are available for product approval include the following:

Domain’s Admin and Technical Contact email addresses.

Generic predefined email addresses within the domain.

The Trust Service Provider’s email address for manual processing.

4

Some organization vetted certificates also validate the domain and require that an approver email is chosen. Organization verification may require additional company information to be submitted directly to the certificate provider as part of the review process.

Submitting a Trust Service SSL certificate orderOnce the CSR and approver email address have been confirmed, use the sw_register command to submit the Trust Service order, including the required customer data, along with the CSR and the approver email address.

Note: For Organization vetted certificates, you must provide Organization contact information, and you will have some additional approval steps.

Once the order has completed, and the Trust Service product has been issued, you can use the get_order_info command to query the order and obtain the Product ID number. The Product ID number can then be used to manage any extra features of the Trust Service product.

You need to specify the Product ID in the update_product command to enable or disable the Symantec Search-in-Seal features on qualifying Symantec Trust Service products.

Additionally, for Symantec Trust Service products, you need to specify the Product ID in the request_on_demand_scan command to request a malware scan on your website.

Contact SetRather than including the entire contact set in every command example in this guide, where it is required, instead of the contact details you will see an ellipsis (...) and a link to this topic where the contact_set parameters are defined.

This example shows a portion of the sw_register command with the contact_set link:

<?xml version='1.0' encoding='UTF-8' standalone='no' ?>

<!DOCTYPE OPS_envelope SYSTEM 'ops.dtd'>

<OPS_envelope>

<header>

<version>0.9</version>

</header>

<body>

<data_block>

5

<dt_assoc>

<item key="object"> trust_service</item>

<item key="attributes">

<dt_assoc>

<item key='approver_email'>[email protected]</item>

<item key='reg_type'>NEW</item>

<item key="contact_set">

... see "Contact Set"

</item>

…

Trust Service contactsThis table lists the contacts that are required for each of the available Trust Service products.

Admin Billing Tech Organization Signer

Comodo

EV SSL Y Y Y

InstantSSL Y

PremiumSSL Y

PremiumSSL Wildcard Y

SSL Y

SSL Wildcard Y

GeoTrust

QuickSSL Y Y Y

QuickSSL Premium Y Y Y

True BusinessID Y Y Y Y

True BusinessID Wildcard Y Y Y Y

True BusinessID with EV Y Y Y Y

SiteLock

Basic Y

6

Admin Billing Tech Organization Signer

Premium Y

SMB Enterprise Secure Y

Symantec

SecureSite Y Y Y Y

SecureSite Pro Y Y Y Y

SecureSite with EV Y Y Y Y

SecureSite Pro with EV Y Y Y Y

thawte

SSL123 Y Y Y Y

SGC SuperCerts Y Y Y Y

SSL Webserver Certificate Y Y Y Y

SSL Webserver Certificate with EV

Y Y Y Y

SSL Webserver Certificate Wildcard

Y Y Y Y

TRUSTe

Privacy Policy Y

Privacy Policy with Seal Y

Trustwave

Domain Vetted (DV) Y

Premium EV Y

Premium SSL Y

Premium SSL Wildcard Y

7

Admin, Billing, Signer, and Tech contact requirementsMost of the Trust Service products require Admin, Billing, and Tech contact details. Please note the following exceptions:

Trustwave certificates require only the Admin contact and must include first_name, last_name, address1, city, postal_code, state, country, email, and phone.

Comodo certificates, other than EV, require only the Organization contact, and must include org_name, address1, city, postal_code, state, country, and email.

Comodo EV certificates require Organization, Admin, and Signer contacts, and must include address1, city, postal_code, state, country, email, title, first_name, last_name, phone, and org_name (only for Organization contact).

Note: Fields cannot contain leading or trailing white-spaces.

Parameter name

Obligation Format/Constraints

first_name Required Maximum 64 alphanumeric characters.

last_name Required Maximum 64 alphanumeric characters.

title Required for thawte and Symantec certs as well as truebizid_ev and Comodo EV certs

Maximum 64 alphanumeric characters.

org_name Optional Maximum 64 alphanumeric characters.

address1 Required Maximum 100 alphanumeric characters.

address2 Optional Maximum 100 alphanumeric characters.


city Required Maximum 64 alphanumeric characters.

state Required Maximum 32 alphanumeric characters.

8

Parameter name


postal_code Required if country = CA or US


country Required Valid ISO-3166 2 letter country code.

phone Required Maximum 20 characters, in the format +CCC.NNNNNNNNNNxEEEE, where C = country code, N = phone number, and E = extension (optional).

fax Optional Maximum 20 characters. If supplied, the fax number must be valid.

email Required Maximum 255 alphanumeric characters, validated according to rfc822.

Organization contact requirementsOrganization vetted certificates require Organization contact details.

Parameter name


first_name Optional Maximum 64 alphanumeric characters.

last_name Optional Maximum 64 alphanumeric characters.

org_name Required Maximum 64 alphanumeric characters.

address1 Required Maximum 100 alphanumeric characters.



city Required Maximum 64 alphanumeric characters.

state Required Maximum 32 alphanumeric characters.

postal_code Required if country = CA or US


country Required Valid ISO-3166 2 letter country code.

phone Required Maximum 20 characters, in the format +CCC.NNNNNNNNNNxEEEE, where C = country code, N = phone number, and E = extension (optional).

9

Parameter name


fax Optional Maximum 20 alphanumeric characters. If supplied, the fax number must be valid.

Examples for contact set...

<item key='contact_set'>

<dt_assoc>

<item key="admin">

<dt_assoc>

<item key="first_name">Adler</item>

<item key="last_name">Adams</item>

<item key="phone">+1.4165550123x1812</item>

<item key="fax">+1.4165550125</item>

<item key="email">[email protected]</item>

<item key="org_name">Example Inc.</item>

<item key="address1">32 Oak Street</item>

<item key="address2">Suite 100</item>

<item key="address3">Admin</item>

<item key="city">Santa Clara</item>

<item key="state">CA</item>

<item key="country">US</item>

<item key="postal_code">90210</item>

<item key="url">http://www.example.com</item>

</dt_assoc>

</item>

<item key="billing">

<dt_assoc>

<item key="first_name">Bill</item>

<item key="last_name">Burton</item>


<item key="fax">+1.4165550136</item>

10





<item key="address3">Billing</item>






</dt_assoc>

</item>

<item key="tech">

<dt_assoc>

<item key="first_name">Tim</item>

<item key="last_name">Tucker</item>


<item key="fax">+1.4165550125</item>





<item key="address3">Tech</item>






</dt_assoc>

</item>

<item key="organization">

<dt_assoc>

11

<item key="first_name">Jim</item>

<item key="last_name">Johnson</item>


<item key="fax">+1.4165550126</item>











</dt_assoc>

</item>

<item key="signer">

<dt_assoc>




<item key="fax">+1.4165550125</item>











12

</dt_assoc>

</item>

</dt_assoc>

</item>

...

13

Trust Service API commands

sw_register (trust_service)

Description

Action & object

action = sw_register

object = trust_service

Usage

Submits a new Trust Service request or renewal order that obeys the Reseller's 'process immediately' flag setting.

Trust Service free trials

Free 30 day trials are available for the following Trust Service products:

• GeoTrust—True BusinessID with EV• Symantec—SecureSite, Secure Site Pro, Secure Site with EV, and Secure

Site Pro with EV• TRUSTe—Hosted Privacy Policy (HPP) and Privacy Policy with Seal (TPS)

The free trial lasts for 30 days, and can be cancelled at any time during that 30 day period without incurring a charge by issuing the cancel_free_trial command.

After the 30 days, if the order has not been cancelled, the customer is automatically charged for the term that they selected when they placed the order. The expiry date is calculated from the date that the paid term begins, not the date that the free trial began. For GeoTrust and Symantec, once the order has passed the free trial stage and become activated, you cannot order another free trial for the same domain until the one year period has passed.

Note:The Symantec certs and the GeoTrust True BusinessID with EV certificate can only be ordered for a one year term when taking advantage of the 30 day free trial offer.

14

Request parameters for sw_register (trust_service)

Standard parametersaction = sw_register


registrant_ip = valid IP address of the registrant (optional)

attributes

Attributes

Parameters within the attributes associative array are described below.

Parameter name

Obligation Definition/Value

additional_domains

Required for SAN certificates

Some Trust Service products (referred to as SAN certificates) allow you to specify a list of additional domains or other entities (other than the primary domain) that will be secured by a single SSL certificate. This means that, depending on the product, you may be able to specify multiple top-level domains, subdomains, IP addresses, internal server names, and more. The total number that you can protect with a single certificate varies by product.

Note: The additional domains are priced as packages, so if the certificate can secure four additional domains, but you specify only two, you will still be charged the full package price. In most cases, you can add more domains to a package for an additional charge. For more information on pricing, see http://www.opensrs.com/site/services/trust/pricing.

The number of additional domains can be added to each product is as follows:

• Quick SSL Premium—4 (subdomains only)

• TrueBusiness ID—4 to 24

• TrueBusiness ID EV—4 to 24

• Secure Site EV—1 to 24

• Secure Site Pro EV—1 to 24

• Secure Site Pro—1 to 24

• Secure Site—1 to 24

15

http://www.opensrs.com/site/services/trust/pricing

Parameter name


• SGC Super Certs—1 to 4

• SSL WebServer EV—1 to 4

• SSL WebServer Certificates—1 to 4

The following products may allow you to enter intranet and local names as well as domain and subdomain names: QuickSSL Premium (subdomains only), Secure Site, Secure Site Pro, SSL Web Server, SGC SuperCerts, True BusinessID.

approver_email Required for domain vetted certificates.

The email of one of the individuals who can approve the Trust Service order. The Trust Service provider sends the approver email to the address that you specify.

base_order_id Optional Create a new order based on the specified previous order. When base_order_id is submitted, reg_type must equal new. All other fields are optional, unless you want to apply new values to those fields.

Note: The original order must have the same product_type as the new order.

contact_set Required The SSL Certificate contact information.

Most products require admin, billing and tech contacts.

All organization vetted certificates require an organization contact.

For admin, tech, and billing contacts for thawte, Symantec, and all EV certificates, title is required.

For SiteLock and TRUSTe certificates, the admin contact email address is used when creating a Domain Admin account (if username and password are specified). If you resend the Domain Admin login information (through the Control Panel), this is the address to which the Domain Admin login credentials are sent.

For more information, see Contact Set.

16

Parameter name


csr Required for all products except SiteLock, TRUSTe, and GeoTrust Web Site Anti-Malware Scan

The certificate signing request for the required certificate. The Trust Service provider uses this information to generate the certificate.

Important: For Trustwave only, you need to remove the word NEW from the BEGIN and END statements of the CSR before you submit the order.

Note: All certificates require 2048 bit CSRs; however, Symantec will accept 1024 bit CSRs for certificates with expiry dates prior to December 31, 2013, except for EV certs, which require 2048, regardless of the term.

domain Required for orders for domain vetted certificates and for SiteLock and TRUSTe services; not required when requesting a SiteLock upgrade

The domain or hostname for which the Trust Service is ordered.

end_user_auth_info

Optional - used only for SiteLock and TRUSTe

Specify the username and password that the end user will use to log in to the Domain Admin interface where they can manage their account. The login credentials will be sent to the specified email_address. If you resend the Domain Admin login information (through the Control Panel), this is the address to which the Domain Admin login credentials are sent.

Please note the following conditions:

• If you specify username and password and the user already exists, the command will fail.

• If you specify username but not password, and the user does not already exist, the user credentials cannot be created and the command will fail.

• If you specify username but not password, and the user already exists, the service will be

17

Parameter name


associated with the existing end user profile.

If you want to associate the Trust Service product with an existing account, you only need to include the username value.

For more information see the End user auth info table below.

handle Required Instructions for the processing of the order.

save = Pend the order for the RSP's later approval.

process = Process the order immediately.

inventory_item_id

Optional for renewals; may be used for certificates that were migrated from TPP.

The certificate product ID number that was used in the TPP system.

This value may be used in place of order_id or product_id.

Note: Do not include this parameter for new orders.

order_id Required for renewals and for SiteLock upgrades if product_id is not submitted.

The order ID number of the Trust Service product to be renewed or upgraded.

This value is not required for certificates that were migrated from TPP if inventory_item_id is submitted.


period Optional; if not specified, the default of 1 year is used.

The number of years of the registration period. Allowed values are 1 – 4, depending on the Trust Service that is ordered.

comodo_ev—1 to 2

comodo_instantssl—1 to 4

comodo_premiumssl—1 to 4

comodo_premiumssl_wildcard—1 to 4

comodo_ssl—1 to 4

comodo_wildcard—1 to 4

malwarescan—1

quickssl—1 to 4

quickssl_premium—1 to 4

18

Parameter name


securesite—1 to 4

securesite_ft—1

securesite_ev—1 to 2

securesite_ev_ft—1

securesite_pro—1 to 4

securesite_pro_ft—1

securesite_pro_ev—1 to 2

securesite_pro_ev_ft—1

sgcsuper_certs—1 to 4

sitelock_basic—1

sitelock_premium—1

sitelock_enterprise—1

ssl123—1 to 4

sslwebserver—1 to 4

sslwebserver_ev—1 to 2

sslwebserver_wildcard—1 to 2

truebizid—1 to 4

truebizid_ev—1 to 2

truebizid_ev_ft—1

truebizid_wildcard—1 to 4

truste_hpp—1 to 3

truste_hpp_ft—1 to 3

truste_tps—1 to 3

truste_tps_ft—1 to 3

trustwave_dv—1 to 3

trustwave_ev—1 to 2

trustwave_premiumssl—1 to 3

trustwave_premiumssl_wildcard—1 to 3

product_id Required for renewals and for SiteLock upgrades if order_id is

The ID number of the Trust Service product to be renewed or upgraded.

This value is not required for certificates that were migrated from TPP if inventory_item_id is

19

Parameter name


not submitted. submitted.


product_type Required The product type from the SSL Certificate inventory.

Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl

comodo_premiumssl_wildcard

comodo_ssl

comodo_wildcard

malwarescan

quickssl

quickssl_premium

securesite

securesite_ft (30 day free trial)

securesite_pro

securesite_pro_ft (30 day free trial)

securesite_ev

securesite_ev_ft (30 day free trial)

securesite_pro_ev

securesite_pro_ev_ft (30 day free trial)

sgcsuper_certs

sitelock_basic

sitelock_premium

sitelock_enterprise

ssl123

sslwebserver

sslwebserver_ev

sslwebserver_wildcard

truebizid

truebizid_wildcard

truebizid_ev

20

Parameter name


truebizid_ev_ft (30 day free trial)

truste_hpp (Hosted Privacy Policy)

truste_hpp _ft (30 day free trial)

truste_tps (TRUSTE Privacy Policy with seal)

truste_tps_ft (30 day free trial)

trustwave_dv

trustwave_ev

trustwave_premiumssl

trustwave_premiumssl_wildcard

reg_type Required The type of registration being requested:

new = Submit a new or Trust Service order.

renew = Renew a Trust Service offering.

upgrade = Upgrade a SiteLock Basic or Premium SSL certificate to a higher level certificate. You do not need to specify the domain or the period.When you upgrade, the product_type changes, you are charged the price for a one year term at the new level, and the new expiry date is one year from the date of the upgrade. Note: This feature is currently available only for SiteLock certificates.

search_in_seal Optional Specifies whether to enable the Symantec Seal-in-Search, which displays the Symantec seal next to the link for your web site in online search results.

Allowed values are:

0—Do not enable Symantec's Seal-in-Search.

1—Enable Symantec's Seal-in-Search.

Important: If you submit this parameter, you must also submit the trust_seal parameter and set the value to 1.

server_count Required when product_type = securesite*,

The number of servers on which the Trust Service product will be installed.

21

Parameter name


ssl123, sgcsuper_certs, sslwebserver, sslwebserver_wildcard, sslwebserver_ev

server_type Optional The type of server software used to generate the CSR.

Allowed values are:

Symantec, thawte, and GeoTrust

Comodo

apache2

apacheapachessl

apacheopenssl

apacheraven

apachessl

apachessleay

c2net

cobaltseries

cobaltraq3

cobaltraq2

cpanel

domino

dominogo4626

dominogo4625

ensim

hsphere

iis

iis4

iis5

iplanet

apachessl

citrix

domino

ensim

hsphere

iis4

iis6

iis7

iplanet

javawebserver

netscape

ibmhttp

novell

oracle

other

plesk

redhat

sap

tomcat

webstar

22

Parameter name



Comodo

ipswitch

netscape

ibmhttp

other

plesk

tomcat

weblogic

website

webstar

webstar4

zeusv3

whmcpanel

Note: Trustwave does not support server types.

special_instructions

Optional Any special instructions regarding the Trust Service purchase.

trust_seal Optional Specifies whether to enable the Symantec Trust Seal on your website. Allowed values are:

0—Do not enable Symantec's Trust Seal.

1—Enable Symantec's Trust Seal.

End_user_auth_info

Parameters within the end_user_auth_info associative array are described below.

Parameter name


email_address Optional - used only for SiteLock and TRUSTe to send Domain Admin credentials

Specify the email address to which you want to send the login credentials (username and password) for Domain Admin.

23

Parameter name


Note: If you want to associate the Trust Service product with an existing account, only username is required.

password Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The password must be at least eight characters.

username Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The username must be at least six characters.

Response parameters for sw_register (trust_service)

Standard parametersaction = reply


is_success = a Boolean is returned, indicating success or failure of the request

response_code = response code indicating outcome of the request

response_text = message describing the outcome of the request

Attributes


Parameter name


domain Returned for domain vetted certificates

The domain with which the Trust Service is associated.

error_details Returned if is_success = false

Additional information about the reason for the failure.

Allowed values are:

error_code—A numeric code that represents the error.

24

Parameter name


error_detail—A description of the error that occurred in a failed transaction.

field_name—The parameter that caused the error.

order_id Returned if is_success = true

The ID number of the Trust Service order.

state Returned if is_success = true

The state of the order

Allowed values are:

approver-confirmed—Owner has confirmed the domain vetted certificate.

awaiting-approval—Order processed successfully; waiting for supplier approval.

cancelled—Pending order was cancelled.

completed—Order is complete.

declined—Order cancelled after it was processed or declined by the supplier.

in-progress—Order is in progress.

pending—Order saved as pending.

Examples for sw_registerNote: Title is required in the 'contact set' associative array, for Symantec, thawte, TrueBusiness ID with EV, and Comodo EV certificates.

Example 1

This example is an order for a Symantec SecureSite certificate with seal-in-search and trust seal.

Request<?xml version='1.0' encoding='UTF-8' standalone='no'?>


<OPS_envelope>

<header>

25


</header>

<body>

<data_block>

<dt_assoc>

<item key='protocol'>XCP</item>

<item key='action'>sw_register</item>

<item key='object'>trust_service</item>

<item key='attributes'>

<dt_assoc>

<item key='trust_seal'>1</item>


<item key='seal_in_search'>1</item>



</item>

<item key='special_instructions'>Test ABC</item>

<item key='handle'>process</item>

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC4TCCAckCAQAwgZsxKTAnBgNVBAMTIHNlY3VyZXNpdGUudGVzdDEyODU4NzYw

MzY2MDgub3JnMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rv

cm9udG8xDzANBgNVBAoTBm5ld29yZzEPMA0GA1UECxMGUUFEZXB0MSAwHgYJKoZI

hvcNAQkBFhFxYWZpdmVAdHVjb3dzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP

ADCCAQoCggEBAJ0FDLurKaddUzayM5FgICBhy8DkOaBuYzCiHSFw6xRUf9CjAHpC

/MiUM5TnegMiU02COAPmfeHZAERv21CoB/HPDcshewHJywzs8nwcbGncz37eFhNG

FQNIif5ExoGAcLS9+d1EAmR1CupTBCCq86lGBa/RdwgUNlvLF5IgZZeKphd/FKaY

B2KZmRBxM51WvV6AYmRKb6IsuUZCfHO2FCelThDE0EF99GbfSapVj7woSIu0/PTJ

cEX4sHURq6pY3ELfNG0BOzrTsT3Af8T3N5xwD0FMatkDrCPCgVx7sRZ05UqenxBO

VWBJQcr5QRZSykxBosGjbqO3QSyGsElIKgkCAwEAAaAAMA0GCSqGSIb3DQEBBAUA

A4IBAQCEUGNk45qCJiR4Yuce4relbP22EwK7pyX0+0VZ+F3eUxhpZ6S5WN1Juuru

8w48RchQBjGK1jjUfXJIqn/DgX+yAfMj4aW/ohBmovN2ViuNILvNaj0volwoqyMl

NrTmBze69qHMfnMGUUUehMr/Nq4QdQTqxy7EYQkNOqx21gfZcUi6zWCeFTRkasD+

26

SYAKsOUIKdrt/Jq5lWFXxhkJHuyA+q1yr/w6zh18JmFAT4y/0q/odFGyIr9yKhQ9

usW1sQ8CT3e3AnU4jq7sBrYFxN0f+92W8gX7WADortA7+6PcSFPrZEoQlr5Brki7

GSwIuTTSlKFRyZ53DbEGjp2ELnnl -----END CERTIFICATE REQUEST----- </item>

<item key='period'>1</item>

<item key='server_type'>apachessl</item>

<item key='server_count'>1</item>

<item key='product_type'>securesite</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Response<?xml version='1.0' encoding='UTF-8' standalone='no'?>


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>REPLY</item>

<item key='object'>TRUST_SERVICE</item>

<item key='is_success'>1</item>

<item key='response_text'>Command completed successfully.</item>

<item key='response_code'>200</item>


<dt_assoc>

27

<item key='domain'>example.com</item>

<item key='order_id'>1860</item>

<item key='state'>awaiting-approval</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 2

This example is for a domain vetted certificate, which requires approval.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>





28

</item>

</dt_assoc>

</item>



<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2TCCAcECAQAwgZMxIDAeBgNVBAMTF3NzbDEyMy5xYXJlZ3Jlc3Npb24ub3Jn

MQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xDzAN

BgNVBAoTBlR1Y293czEQMA4GA1UECxMHUUEgRGVwdDEgMB4GCSqGSIb3DQEJARYR

cWFmaXZlQHR1Y293cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB

AQDpKz48gJG4ImyJi76kH3AdDZoGNZCC8xgWBUDk4yNXPqe3NxJvZooZIoctP2o8

CX6+xoK8p6jMb9iIz7ZVC9LuoUmoYZZWdoatMUwaz3xIa4Fq7HeLtCE3misKMcZq

+QomhLFv2yMSgyzWWitHdW5oVDuT83Xs8FTZG33rI8gut1J9+5fhJV4WKuncfLwM

xMrj+5iWm+KwoE86dTarGAPwYhC2FepcblszVbz87Dp1clTJLaN4potMES83RHo1

teHHmJAilNzy2PfRoylbzlQ38x1n10wbhqjMcoDYk6CSB40PlduqbsMjpkOClwu4

H92c2Hmo3bqRGWM2K5SXkj29AgMBAAGgADANBgkqhkiG9w0BAQQFAAOCAQEAKUh6

WH4WtC/LtlJhj+p5i3sLEG/L//8DQh30eOxwMxrSGGZUGTfLBT4RaeDA5JEIF5pK

v4MxvDw1+NExMQW3h/9eVWXpGGjvC2EoLgya3ri3OJlQNOyqSzOvNunk0EPaWoO+

v9o2yKdH88e7NQZp8Pw5jhE9RV9u3+mNw2sztqpzcXYDXW3kKI2UiIP3eur2/iiH

nSAIRl5NfUPgAzCem/zpM1lc3s+EVKysn2wF4bwOkNyYPo4DmgHCb7ggSQyhh5vN

UAoDkyqu2ZScDZTyDG7YOdobMqwbsCT5er5Bq+NWOZyUE+3zO/1VQpznJehaGLrQ

N7UAJliUAO+SFFGdxQ== -----END CERTIFICATE REQUEST-----</item>




<item key='product_type'>ssl123</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



29

<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 3

This example shows a request that failed because the required title field was missing from the contact_set.



30

<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>





<dt_assoc>

<item key="admin">

<dt_assoc>




<item key="fax">+1.4165550125</item>









31


</dt_assoc>

</item>

<item key="billing">

<dt_assoc>

<item key="first_name">Bill</item>

<item key="last_name">Burton</item>


<item key="fax">+1.4165550136</item>





<item key="address3">Billing</item>





</dt_assoc>

</item>

<item key="tech">

<dt_assoc>

<item key="first_name">Tim</item>

<item key="last_name">Tucker</item>


<item key="fax">+1.4165550125</item>






32





</dt_assoc>

</item>

<item key="organization">

<dt_assoc>

<item key="first_name">Jim</item>

<item key="last_name">Johnson</item>


<item key="fax">+1.4165550126</item>










</dt_assoc>

</item>

</dt_assoc>

</item>



<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC4TCCAckCAQAwgZsxKTAnBgNVBAMTIHNlY3VyZXNpdGUudGVzdDEyODU4NzYw

MzY2MDgub3JnMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rv

cm9udG8xDzANBgNVBAoTBm5ld29yZzEPMA0GA1UECxMGUUFEZXB0MSAwHgYJKoZI

hvcNAQkBFhFxYWZpdmVAdHVjb3dzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP

33

ADCCAQoCggEBAJ0FDLurKaddUzayM5FgICBhy8DkOaBuYzCiHSFw6xRUf9CjAHpC

/MiUM5TnegMiU02COAPmfeHZAERv21CoB/HPDcshewHJywzs8nwcbGncz37eFhNG

FQNIif5ExoGAcLS9+d1EAmR1CupTBCCq86lGBa/RdwgUNlvLF5IgZZeKphd/FKaY

B2KZmRBxM51WvV6AYmRKb6IsuUZCfHO2FCelThDE0EF99GbfSapVj7woSIu0/PTJ

cEX4sHURq6pY3ELfNG0BOzrTsT3Af8T3N5xwD0FMatkDrCPCgVx7sRZ05UqenxBO

VWBJQcr5QRZSykxBosGjbqO3QSyGsElIKgkCAwEAAaAAMA0GCSqGSIb3DQEBBAUA

A4IBAQCEUGNk45qCJiR4Yuce4relbP22EwK7pyX0+0VZ+F3eUxhpZ6S5WN1Juuru

8w48RchQBjGK1jjUfXJIqn/DgX+yAfMj4aW/ohBmovN2ViuNILvNaj0volwoqyMl

NrTmBze69qHMfnMGUUUehMr/Nq4QdQTqxy7EYQkNOqx21gfZcUi6zWCeFTRkasD+

SYAKsOUIKdrt/Jq5lWFXxhkJHuyA+q1yr/w6zh18JmFAT4y/0q/odFGyIr9yKhQ9

usW1sQ8CT3e3AnU4jq7sBrYFxN0f+92W8gX7WADortA7+6PcSFPrZEoQlr5Brki7

GSwIuTTSlKFRyZ53DbEGjp2ELnnl -----END CERTIFICATE REQUEST----- </item>




<item key='product_type'>securesite</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Response<?xml version='1.0' encoding="UTF-8" standalone="no" ?>

<!DOCTYPE OPS_envelope SYSTEM "ops.dtd">

<OPS_envelope>

<header>


</header>

<body>

<data_block>

34

<dt_assoc>

<item key="protocol">XCP</item>

<item key="action">REPLY</item>

<item key="object">TRUST_SERVICE</item>

<item key="response_text">Supplier validation error</item>

<item key="error_details">

<dt_array>

<item key="0">

<dt_assoc>

<item key="error_detail">Title for admin contact object is missing</item>

<item key="field_name">admin-title</item>

<item key="error_code">3010</item>

</dt_assoc>

</item>

</dt_array>

</item>

<item key="response_code">3000</item>


<dt_assoc>

<item key="domain">example.com</item>

<item key="order_id">12345</item>

<item key="state">pending</item>

</dt_assoc>

</item>

<item key="is_success">0</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

35

Example 4

This example shows an order for a TRUSTe Privacy Service certificate.

Request<?xml version='1.0' encoding="UTF-8" standalone="no" ?>


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>



<item key="action">SW_REGISTER</item>


<dt_assoc>

<item key="product_type">truste_tps</item>

<item key="special_instructions">none</item>


<item key="handle">process</item>

<item key="period">1</item>

<item key="reg_type">NEW</item>

<item key="end_user_auth_info">

<dt_assoc>

<item key="username">rsanford</item>

<item key="password">mypa55w0rd</item>

<item key="email_address">[email protected]</item>

</dt_assoc>

</item>

36

<item key="contact_set">

<dt_assoc>

<item key="admin">

<dt_assoc>











<item key="fax">+1.4165550125</item>



</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

37

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key="action">SW_REGISTER:REPLY</item>


<item key="response_text">Command completed successfully.</item>




<dt_assoc>



<item key="state">awaiting-approval</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 5

This example shows a renewal order for a QuickSSL certificate.



<OPS_envelope>

<header>

38


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>

<item key='reg_type'>renew</item>


<item key='product_id'>372</item>

<item key='domain'>www.example.com</item>


<item key='product_type'>quickssl</item>

<item key='server_type'>apacheopenssl</item>




</item>

<item key='csr'>

-----BEGIN CERTIFICATE REQUEST-----

MIICwTCCAakCAQAwfDELMAkGA1UEBhMCQ0ExEDAOBgNVBAgMB09udGFyaW8xEDAO

BgNVBAcMB1Rvcm9udG8xEzARBgNVBAoMClR1Y293cyBJbmMxDjAMBgNVBAsMBVNh

bGVzMSQwIgYDVQQDDBt3d3cub3BlbnNyc2VtYWlsc2VydmljZS5jb20wggEiMA0G

CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa8HMJsATmwVoqE4sKNFrxA9FLb9rP

F6E/VgL/zYRjmxJgy7ap7Rh6fXLHHNal/pD/TT0FDe11vcocR/A32Ypbyx9CPvvV

040Ik4k+9XCs7jZm1+vKe9RK/MVQcIVaHCL7apbb0TPNGLRfhav5m/pQ7tBz+uXb

fMSchwQ0CjT10gSoNxmC0lFSfR9iCTwxETxeJTKD3xAghSmDFB252EFo9lVWp72u

G/ofSyH0QA0fREmMeYvxE3L6+CjnAn91QxT4/Oq9b353GMXOHyEdM7Zn2Ei9aGzt

bb7iFpVAEPH96a5fVruDI881KmUzncjhIPhiPATGJxThN/Cv2nWlSfrzAgMBAAGg

39

ADANBgkqhkiG9w0BAQUFAAOCAQEAajJJ5SGFyTO/tnqcAEpcBs+e3Q61zokmRXPb

Zo/LbuseQYXBcgLvEMQwTlzZBbP4JHHOfKXq2iHyMyaj/OX2MilCspjY+Ds6MJsb

kF9tD/R885OS3KP+/umBOz1Q97qx16oKOiuz+KZEh90k141PI2tLbaQlWt9cHtTm

IHVg0319JCKbjieq4AqdaHzQO7NLJYXBzU/uAYe0kggGRV4OtYuFLuKZb46SuFAW

pzY42a72PJ2a/IzF/azGRRD1JU98DKGY1RnzK2ZXuRG3v7G6j2CZLBGLEKG18lSY

qD9+gEzYoTKe4fTNK8yGQ8E2jsW2bE3SG4oq5ghqHZ5vUNzEjw==

-----END CERTIFICATE REQUEST-----

</item>

<item key='special_instructions'></item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key="action">SW_REGISTER:REPLY</item>






40

<dt_assoc>




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 6

This example shows a request to upgrade a SiteLock Basic SSL certificate to SiteLock Premium.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>SW_REGISTER</item>



<dt_assoc>

<item key='reg_type'>upgrade</item>

<item key='product_type'>sitelock_premium</item>

41




<item key='special_instructions'>none</item>


...see "Contact Set"

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

42




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 7

This example shows an order for a GeoTrust Web Site Anti-Malware Scan certificate.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>SW_REGISTER</item>



<dt_assoc>


<item key='product_type'>malwarescan</item>

<item key='reg_type'>new</item>

43





</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>



44


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 8

This example shows an order for a 30 day free trial of a Symantec SecureSite certificate.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key="action">sw_register</item>

<item key="object">trust_service</item>


<dt_assoc>

<item key="special_instructions">none</item>

<item key="csr">

-----BEGIN CERTIFICATE REQUEST-----

MIIC1zCCAb8CAQAwgZExHjAcBgNVBAMTFTEzMjA3MDU2NzN0ZXN0aW5nLmNvbTEL

MAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xEDAOBgNVBAcTB1Rvcm9udG8x

45

DzANBgNVBAoTBlR1Y293czELMAkGA1UECxMCUUExIDAeBgkqhkiG9w0BCQEWEXFh

Zml2ZUB0dWNvd3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA

vfz5BS7X70AFyqvk05RSe5dsxB8e0aTVkj8YixqPULcMxcNSos/hF9CkWKyYD2iP

g8O511Gzw3VA+TWDp+Een1HCyW1uRnnQ/Yepq0J0H4a0kPXh5Mb01WxGVwD5zorm

1QM0gqIW8KTPgUCfi0P+CQkw5TZ2yqJWjcyNwakv/seg2opqUra06jkcdCDliGkW

RJfGgJPM1B2fonduruveWDvIiga3+sbfAoBKajX71NgHZtQXZgHZLU2obPU1lvms

ZUZGavARcUVt043sJvgZG9xMX8hf0LoT4BLrJ1TK7JWf5Be5ZAkq0Y42Lf1V198/

JKNeMJHPeTvpxkrT0W/R4wIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBAIqzgz3z

5JzscIq6XszzrJw79ampGPSz7JE35pjoPAjk7vsjbxnRTAVfLHeSMyjXTFBZB60h

lyFO0Ft4KQ8Fj7eKtCoMR2mvhx1UtaoRqJ9y9RJmTJfHmdfHrNa4hLIQqDreE5Tj

U4ngidNTTc91qaRrPhAC471BAn7/Ob+ltleIiUuk/ySkh29lR5qQqSTX0FXjsVrN

G9gIHn4KAra3W+SgWGJHpVQrCWqqyPDQ7/dj6x1pEli8izkZv33Xw6386nFhSkB0

EH2LCtmzTJNgUicXzbRu4/UXgMJgaFU77fCzCtOBwMTz+ALWIo0NTPwNp5JE/dw0

/GOjMZgid2nuuMY=

-----END CERTIFICATE REQUEST-----

</item>

<item key="reg_type">new</item>

<item key="period">1</item>

<item key="product_type">securesite_ft</item>

<item key="server_type">apachessl</item>



</item>

<item key="handle">process</item>

<item key="server_count">1</item>

<item key="approver_email">[email protected]</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

46



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

47

Example 9

This example shows a new order for a QuickSSL certificate based on an existing order.

Request<?xml version='1.0' encoding='UTF-8'?>

<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>


<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2zCCAcMCAQAwgZUxIzAhBgNVBAMTGnJlbmV3dGVzdC5xYXJlZ3Jlc3Npb24u b3JnMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8x DzANBgNVBAoTBm5ld29yZzEPMA0GA1UECxMGUUFEZXB0MSAwHgYJKoZIhvcNAQkB FhFxYWZpdmVAdHVjb3dzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKEUMvmJTbZlIM7aBU3vPYJTsJqPFo45fzzgcrrCUMzsnYV8l/9PRELAfvGK eFMI27uGUbeXO3EoklMXd1YZwJickfEBG3dSmR8hGBRHrzhKazqos0UmgS4xIyPl 5Rs/WzRRCdhnV7yqSYmC4SLui/8WTEaYsWy5xgbwI7q4ojZurJ65kjeL3e2q7ftr R/YLvP9Fx6mMTECBFbQxlrlXUQCn/goCfI98zFDQJ/cuPuYuU6Ret4IFU4T8Jn87 jiDa17hqgo/D2rEUfPe1xuk8LgyCcKT0Nemg1uNLihBwwt+nzo7LfyM16BdEFVkG DOVsasYYFRKQDH7dGTUeZ2hhd5MCAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4IBAQCY +zsCNQ+vtEocKDg+8eAA4hKUhOTbuT2TsfxtQflmihKa0WB5IvKjgVb3MENWwwAi 3+XpYEBlsaI2NYpLjgRGvoQMUiAXC3JeoxxXXfcdmEpLevD0VZfGtm04RRlFPwEx jZESqMjBGROUsjnC3pOjUcb9Y6vFeRWtatCmdbDMKnumrKB1G1G6uA01yQR1vsx0 fjK8bhWxwbCoXCQ8LnlQwb9wQECXJ+vguFdB0u97+XHKZXhxpij12frnYPRyJfec hA6ODlhvJv2k2P19ZjGthGrfW5z7F/mev59a5LX6n4TO1Wp4FZFw4pOJr79umR/K L/tZauY8EjcOfSHZ76vn -----END CERTIFICATE REQUEST-----</item>

<item key='base_order_id'>8245</item>


48



<dt_assoc>

<item key='admin'>

<dt_assoc>

<item key='first_name'>Adler</item>

<item key='last_name'>Adams</item>

<item key='title'>Admin</item>

<item key='org_name'>Example Inc.</item>

<item key='address1'>32 Oak Street</item>

<item key='address2'>Suite 100</item>

<item key='address3'/>

<item key='city'>Santa Clara</item>

<item key='state'>CA</item>

<item key='country'>US</item>

<item key='postal_code'>90210</item>

<item key='fax'>+1.4165350155</item>

<item key='phone'>+1.4165550123x1812</item>

<item key='email'>[email protected]</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

49



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

50

Example 10

This example shows a renewal order for a QuickSSL certificate that was submitted by using the order ID.


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>

<item key='reg_type'>RENEW</item>

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2zCCAcMCAQAwgZUxIzAhBgNVBAMTGnJlbmV3dGVzdC5xYXJlZ3Jlc3Npb24u b3JnMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8x DzANBgNVBAoTBm5ld29yZzEPMA0GA1UECxMGUUFEZXB0MSAwHgYJKoZIhvcNAQkB FhFxYWZpdmVAdHVjb3dzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKEUMvmJTbZlIM7aBU3vPYJTsJqPFo45fzzgcrrCUMzsnYV8l/9PRELAfvGK eFMI27uGUbeXO3EoklMXd1YZwJickfEBG3dSmR8hGBRHrzhKazqos0UmgS4xIyPl 5Rs/WzRRCdhnV7yqSYmC4SLui/8WTEaYsWy5xgbwI7q4ojZurJ65kjeL3e2q7ftr R/YLvP9Fx6mMTECBFbQxlrlXUQCn/goCfI98zFDQJ/cuPuYuU6Ret4IFU4T8Jn87 jiDa17hqgo/D2rEUfPe1xuk8LgyCcKT0Nemg1uNLihBwwt+nzo7LfyM16BdEFVkG DOVsasYYFRKQDH7dGTUeZ2hhd5MCAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4IBAQCY +zsCNQ+vtEocKDg+8eAA4hKUhOTbuT2TsfxtQflmihKa0WB5IvKjgVb3MENWwwAi 3+XpYEBlsaI2NYpLjgRGvoQMUiAXC3JeoxxXXfcdmEpLevD0VZfGtm04RRlFPwEx jZESqMjBGROUsjnC3pOjUcb9Y6vFeRWtatCmdbDMKnumrKB1G1G6uA01yQR1vsx0 fjK8bhWxwbCoXCQ8LnlQwb9wQECXJ+vguFdB0u97+XHKZXhxpij12frnYPRyJfec hA6ODlhvJv2k2P19ZjGthGrfW5z7F/mev59a5LX6n4TO1Wp4FZFw4pOJr79umR/K L/tZauY8EjcOfSHZ76vn -----END CERTIFICATE REQUEST-----</item>



51


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>







<dt_assoc>




</dt_assoc>

</item>


</dt_assoc>

52

</data_block>

</body>

</OPS_envelope>

Example 11

This example shows a renewal order for a QuickSSL certificate that was submitted by using the product ID.


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>

<item key='inventory_item_id'>8887502</item>

<item key='reg_type'>RENEW</item>

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC1zCCAb8CAQAwgZExHzAdBgNVBAMTFnJhcGlkLnFhcmVncmVzc2lvbi5vcmcxCzAJBgNVBAYTAkNBMQswCQYDVQQIEwJPTjEQMA4GA1UEBxMHVG9yb250bzEPMA0G A1UEChMGbmV3b3JnMQ8wDQYDVQQLEwZRQURlcHQxIDAeBgkqhkiG9w0BCQEWEXFhZml2ZUB0dWNvd3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 3FI2z0xXFk5/0iy3Sw6JiXuN1LJmL61NdvuXH+6WLdWDxsheSzmGLtnELmKuKZAVgby1+13KuvuxOtutM/EfrnWagrn2cOpR7WDkogRFlYQ14jx8CadjCIviyIsdL+SC ix9HeFYLT/kMcB/i7oWUlroyvOZ6aHFnThvZxl7Yk9su3UNfn9ZL/bj7GjmxMn8lBH9AJvmEvM8Qa9vLUT4AQR+p7TrdcTeXyBJSt4q1rqKXhq4Q4ChG6rielRu3VN2g x60cCWOl/b04w/psWCBmgUvzFzwmgIfP0a7H+sxsAOFTyCwKBfOBALtKsQWkW4DCM4KpZLQ20W+IfPXvvrJSUwIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBAGTZD3sk qLoNK2tx+ciIUBvBXrVNzUm5PSc7LQLfDqKms0zcvQM1nE8Yz+LkbjFZyWIc2njrt8H7AGis/sdeKKK9Vi1VU9cOwp+QOgtuLxa/97rBudrLdoUiWYWj2MiR2T9aSf0k vxSRdio3UrJNrygkf1z2I5sEn5HjbiavaSAE/c7yo9EtsTSfp2P/siT2D6a3FOrAwPPyw0RN01

53

YslYBgzV+RsTRPdewpIPe85RnCET76R+/cGMsvoe3ayl/lzZS5irkL ilRltNDFa5NHlxtgJuyvrOtfyqVuro+2nznZYkxZsJun/D+CzA6oamgF/q13Mk60d8dsqH1Ya/8rX0g= -----END CERTIFICATE REQUEST-----</item>




<dt_assoc>

<item key='admin'>

<dt_assoc>



<item key='title'>Administrator</item>

<item key='org_name'>Example Co.</item>








<item key='fax'>+1.4165550125</item>



</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

54



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='domain'>certtest.example.org</item>



</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

55

Example 12

This example shows a registration for an SSL WebServer with EV SAN certificate.


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>


<item key='additional_domains'>

<dt_array>

<item key='0'>additional1.example.org</item>

<item key='1'>example.net</item>

<item key='2'>example2.org</item>

</dt_array>

</item>



</item>



56

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2jCCAcICAQAwgZQxIjAgBgNVBAMTGXNzbHdlYmV2MTM0NzQ3NjI5Mzg1My5v cmcxCzAJBgNVBAYTAkNBMQswCQYDVQQIEwJPTjEQMA4GA1UEBxMHVG9yb250bzEP MA0GA1UEChMGbmV3b3JnMQ8wDQYDVQQLEwZRQURlcHQxIDAeBgkqhkiG9w0BCQEW EXFhZml2ZUB0dWNvd3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApc+zO2kbORX06H6jLjmoesh/VQOVcZpGUNy5ZbGILDj/wWiPxurylaYh1aAo aeq2f/UAzb+2YtgEBmQoTNteVz02VlUeIYpzkr2Tr9lGiJfTuVsQgsyMWofadW7r w8U9SM6BKOmqCWkvGyTWBFDugJQGJmy4mOfcau0YKolGc1YzYDfSPTqkfwqh9Rl3 ZLWLQv3kmF0cDPHSyFxEjilCeqkZ5gF8tkhpcPEKDw1y7f3a3Bjw7sDyrMmD7bBI H9JYqi6sEGbMFutKUvjWdcgQvQ42qOOO+w+HkAJ6bQxMIHr5cnj3vJ+peIfTjAQl +T+WcRcv15Utw72emN7YNTmtkwIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBAJVl wme99Uo/z8LdOaJsKKPww2etWmBP9SXzW7edClkd2sXoRPKYjj60DDwODvJhZGR4 9u4dnz6HqfpFi4ldvX9Uz9zUYUSkKPNN2Q5gelLwbG5MjBNG+lxsfuAtvak9yxxt g24agYFlBlAoLOqCkLVCULCQIdZ6WOH4DLOaCgEeP3thh5ig+pn0lyXB3U3ACHxN NIpYjwMNogyXNcEefHAjTZQIm+fcHKfEbvSTrlzXMY6/MSK0nsWCHN4CD2bmwXeq J5JmIEZ+Q0mZGefhNUvn3bxiNYlpVU5KiFFX1L42Ed0I16cmQt8k7yC+WtghCT0d KNDYOT15336r+A1KCfc= -----END CERTIFICATE REQUEST----- </item>




<item key='product_type'>sslwebserver_ev</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>

57








<dt_assoc>

<item key='domain'>example.org</item>



</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

58

cancel_free_trial

Description

Action & object

action = cancel_free_trial


Usage

Cancel a Trust Service 30 day free trial order.

Free trials are available for the following Trust Service products:

GeoTrust—True BusinessID with EV Symantec—SecureSite, Secure Site Pro, Secure Site with EV, and Secure

Site Pro with EV TRUSTe—Hosted Privacy Policy (HPP) and Privacy Policy with Seal (TPS)

You can cancel the free trial at any time during the 30 day free trial period without incurring a charge. If the product is not cancelled by the end of the 30 day period, the product is immediately activated, and the customer is charged for the term that they selected when they placed the order. The expiry date is calculated from the date that the paid term begins, not the date that the free trial began.

For TRUSTe, the cancellation is processed immediately, but when GeoTrust and Symantec require customer approval. The supplier sends the customer an email asking them to approve the cancellation. Once the cancellation is approved, the status of the order changes to Revoked/Declined.

Note: When you cancel a free trial, you will not be able to order another Trust Service order for that domain until the full 30 days of the free trial period have passed. For TRUSTe, a call needs to be made to the supplier to get the domain unlocked.

59

Request parameters for cancel_free_trial

Standard parameters

Action & object

action = cancel_order


attributes

Attributes


Note: You must specify at least one of these parameters.

Parameter name Obligation Definition/Value

order_id Optional The Trust Service order ID number.

product_id Optional The Trust Service product ID number.

Response parameters for cancel_free_trial



is_success = a Boolean is returned, indicating success or failure of the requestresponse_code = response code indicating outcome of the requestresponse_text = message describing the outcome of the request

Attributes



domain Returned for domain vetted certs if is_success = true

The domain with which the Trust Service order is associated..

60


product_id Returned if is_success = true

The Trust Service product ID number.


The state of the order. Allowed values are:








Examples for cancel_free_trial



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


61

<item key="action">cancel_free_trial</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key="action"> REPLY</item>





<dt_assoc>

<item key="domain">1320701286testing.com</item>

<item key="product_id">1848</item>

<item key="state">revoked</item>

62

</dt_assoc>

</item>


</dt_assoc>

</data_block>

</body>

</OPS_envelope>

63

cancel_order

Description

Action & object



Usage

Cancel a Trust Service order.

Request parameters for cancel_order

Standard parameters

Action & object



Attributes



order_id Required The ID of the order.

Response parameters for cancel_order

Standard parametersaction = replyobject = trust_service

is_success = a Boolean is returned, indicating success or failure of the requestresponse_code = response code indicating outcome of the requestresponse_text = message describing the outcome of the request

64

Attributes


Parameter name



The domain with which the Trust Service order is associated.


The ID of the order.










Examples for cancel_order



<OPS_envelope>

<header>


</header>

<body>

<data_block>

65

<dt_assoc>


<item key='action'>cancel_order</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


66


<item key='state'>declined</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

67

create_token

Description

Action & object

action = create_token


Usage

Creates a SiteLock or TRUSTe account so that users can log in and manage the Trust Service product. To use this command, the order cannot be in the pending state.

Important: The resulting URL is valid for only a limited period of time that may be as short as five minutes.

Request parameters for create_token

Standard parametersaction = create_token


attributes

Attributes


Note: You must enter at least one of these parameters.

Parameter name




68

Response parameters for create_token

Standard parameters

action = reply





AttributesParameters within the attributes associative array are described below.

Parameter name


login_url Returned if is_success = true

The The URL where the user can log in to manage the SiteLock or TRUSTe product.

Examples for create_token



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


69

<item key='action'>create_token</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='login_url'>https://www.sitelock.com/rlogin.php?token=ccc038d24c91a7a67d0a12f46f29a260</item>

70

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

71

get_cert

Description

Action & object

action = get_cert


Usage

Returns the certificate for the specified Trust Service product as well as associated product information.

Note: This command can only be used for orders whose status is Completed.

Request parameters for get_cert

Standard parameters

action = get_cert


attributes

Attributes


Parameter name


order_id Required if product_id is not submitted

The Trust Service order ID number.

product_id Required if order_id is not submitted

The Trust Service ID number.

return_ca_certs Optional If this parameter is included and set to 1, the response will include root CA and intermediate certificates.

72

Parameter name


return_pkcs7_cert Optional If this parameter is included and set to 1, the response will include the PKCS#7 format certificate.

Response parameters for get_cert

Standard parameters

action = reply





Attributes

If the request is successful, the attributes associative array may include the following:

Parameter name


cert_data Returned if is_success = true

The Trust Service Certificate.

For more information, see the cert_data table below.

contact_email Returned if is_success = true

The contact email address that was submitted with the Trust Service order; may be the admin email address or the organization email address, depending on the product type.

Note: The contact_email value can be updated by using the update_product command.

domain Returned if is_success = true


expiry_date Returned if is_success = true

The date on which the Trust Service certificate expires.

73

Parameter name


issue_date Returned if is_success = true

The date on which the Trust Service certificate was issued.


The ID number for the Trust Service.

product_type Returned if is_success = true

The Trust Service product type.

Allowed values are:

• comodo_ev

• comodo_instantssl

• comodo_premiumssl

• comodo_premiumssl_wildcard

• comodo_ssl

• comodo_wildcard

• malwarescan

• quickssl

• quickssl_premium

• securesite

• securesite_pro

• securesite_ev

• securesite_pro_ev

• sgcsuper_certs

• sitelock_basic

• sitelock_premium

• sitelock_enterprise

• ssl123

• sslwebserver

• sslwebserver_wildcard

• sslwebserver_ev

• truebizid

• truebizid_ev

• truebizid_wildcard

• truste_hpp (Hosted Privacy Policy)

• truste_tps (TRUSTE Privacy Policy

74

Parameter name


with seal)

• trustwave_dv

• trustwave_ev

• trustwave_premiumssl

• trustwave_premiumssl_wildcard

start_date Returned if is_success = true

The effective date for the Trust Service.


The state of the product. Allowed values are:

• expired

• active

• renewing

• renewed

• revoked

cert_data

Parameters within the cert_data associative array are described below.

Parameter name


ca_certificates Returned if return_ca_certs = 1

An array that includes the ROOT or Intermediate CA certificates chain, in order.

Note: Trustwave does not return CA certificates; however, the intermediate bundle can be downloaded by visiting the Trustwave Support page.

certificate Returned if is_success = true

The Trust Service certificate that was issued.

pkcs7 Returned if return_pkcs7_cert = 1

The PKCS#7 format certificate that was issued.

75

https://ssl.trustwave.com/support/install-certificate.php

https://ssl.trustwave.com/support/install-certificate.php

Examples for get_cert

Example 1

Uses the order ID to retrieve the properties for a Trust Service product.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>get_cert</item>



<dt_assoc>

<item key='return_pkcs7_cert'>1</item>

<item key='return_ca_certs'>1</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

76



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='cert_data'>

<dt_assoc>

<item key='pkcs7'>MIIYFAYJKoZIhvcNAQcCoIIYBTCCGAECAQExADALBgkqhkiG9w0BBwGgghfpMIIF

SzCCBDOgAwIBAgIQKBqJ8LG7xMORrbudRYUgPjANBgkqhkiG9w0BAQUFADByMQsw

CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQH

EwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEYMBYGA1UEAxMP

RXNzZW50aWFsU1NMIENBMB4XDTExMTAwNTAwMDAwMFoXDTEyMTAwNTIzNTk1OVow

gYUxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEeMBwGA1UECxMV

SG9zdGVkIGJ5IFR1Y293cyBJbmMuMR4wHAYDVQQLExVFc3NlbnRpYWxTU0wgV2ls

ZGNhcmQxIDAeBgNVBAMUFyoucmVnNC5xYXJlZ3Jlc3Npb24ub3JnMIIBIjANBgkq

hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukPlCL1vnnl9kgRhdRZ XQ2yo3FqnFbG

77

IBZkjg2dJ8X3M/hM Lat5u /A1rkHP3kNvchwjf2kOmh29Hul6JLkfFlv6ZfYNsT

va/28P4RMZ38CBiTomAEwsxxrU5zDZmOLOqY3mg1sifhXT7lma0tgGSCil8Ru9NF

/jbAnShJx/MdvRdKORo1LGYplwg0 Esho5ODbIOlgEY18qgEDg8f0ir3jlOdsUzH

1A/qyl332eowlzztSmaJkbkjOJhMl9WaGfp0LeybNk7nGiSyIMWsHotlrQdiaftE

Rg6SkS9eDFljYGXEnoexa5BbQGO0mpAGO5WbeB0KNWUyRAHYPdaZ1wIDAQABo4IB

xzCCAcMwHwYDVR0jBBgwFoAU2svqrVsIXcz//CZUzknlVcY49PgwHQYDVR0OBBYE

FLLQDNSlCLlxPNKvHiVYCm/SBridMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E

AjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJ

YIZIAYb4QgQBMEUGA1UdIAQ MDwwOgYLKwYBBAGyMQECAgcwKzApBggrBgEFBQcC

ARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwOwYDVR0fBDQwMjAwoC6g

LIYqaHR0cDovL2NybC5jb21vZG9jYS5jb20vRXNzZW50aWFsU1NMQ0EuY3JsMG4G

CCsGAQUFBwEBBGIwYDA4BggrBgEFBQcwAoYsaHR0cDovL2NydC5jb21vZG9jYS5j

b20vRXNzZW50aWFsU1NMQ0FfMi5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw

LmNvbW9kb2NhLmNvbTA5BgNVHREEMjAwghcqLnJlZzQucWFyZWdyZXNzaW9uLm9y

Z4IVcmVnNC5xYXJlZ3Jlc3Npb24ub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQBo8rwM

rpd2iSi45Vl69urPeUwMTeuEugN1V5zW26gxUE7nMLuOwwaFKKJFnOrxYSLbYK7e

z61Oujx9AyNwRyCja/0JdMEV9PHJHsn/mkLjXLnkgFmoxX75dsISBpIjy5f Q0t5

xzbkVxBV3ZGW5OHRIy76h0gyrsRTNVr2BK3j apQUfQkdlPLq2DxHtJjuL5XrkVj

4mnUESS8Suhb8nEebc367kyXlVr453dHuQKfOUHtTmNOh5hin9yYOt0c1Dcyqsm

ue7TkHwniAryq4QsukxckiTyIAU4q 2BjO0gULy9C/3Nu8guFtLof DEO9t2g0sP

CFcn9QtLIdF oeMNMIIFAzCCA ugAwIBAgIQGLLLuqME8aAPwfLzJkYqSjANBgkq

hkiG9w0BAQUFADCBgTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFu

Y2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExp

bWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe

Fw0wNjEyMDEwMDAwMDBaFw0xOTEyMzEyMzU5NTlaMHIxCzAJBgNVBAYTAkdCMRsw

GQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY

BgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMRgwFgYDVQQDEw9Fc3NlbnRpYWxTU0wg

Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt8AiwcsargxIxF3CJ

hakgEtSYau2A1NHf5I5ZLdOWIY120j8YC0YZYwvHIPPlC92AGvFaoL0dds23Izp0

XmEbdaqb1IX04XiR0y3hr/yYLgbSeT1awB8hLRyuIVPGOqchfr7tZ291HRqfalsG

s2rjsQuqag7nbWzDypWMN84hHzWQfdvaGlyoiBSyD8gSIF/F03/o4Tjg27z5H6Gq

78

1huQByH6RSRQXScqoChBRVt9vKCiL6qbfltTxfEFFld Edc7tNkBdtzffRDPUanl

OPJ7FAB1WfnwWdsXPvev5gItpHnBXaIcw5rIp6gLSApqLn8tl2X2xQScRMiZln5

pN0vAgMBAAGjggGDMIIBfzAfBgNVHSMEGDAWgBQLWOWLxkwVN6RAqTCpIb5HNlpW

/zAdBgNVHQ4EFgQU2svqrVsIXcz//CZUzknlVcY49PgwDgYDVR0PAQH/BAQDAgEG

MBIGA1UdEwEB/wQIMAYBAf8CAQAwIAYDVR0lBBkwFwYKKwYBBAGCNwoDAwYJYIZI

AYb4QgQBMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwczov

L3NlY3VyZS5jb21vZG8uY29tL0NQUzBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8v

Y3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy

bDBsBggrBgEFBQcBAQRgMF4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29tb2Rv

Y2EuY29tL0NvbW9kb1VUTlNHQ0NBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29j

c3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAtlzR6QDLqcJcvgTtL

eRJ3rvuq1xqo2l/zodueTZbLN3qo6u6bldudu Ennv1F7Q5Slqz0J790qpL0pcRD

AB8OtXj5isWMcL2aejGjKdBZa0wztSz4iw SY1dWrCRnilsvKcKxudokxeRiDn55

w/65g onO7wdQ7VuF6r7yJiIatnyfKH2cboZT7g440LX8NqxwCPf3dfxp 0Jj1ag

q8MLy6SSgIGSH6lv Wwz3D5XxqfyH8wqfOQsTEZf6/Nh9yvENZ NWPU6g0QO2JOs

TGvMd/QDzczc4BxLXSXaPV7Od4rhPsbXlM1wSTz/Dr0ISKvlUhQVnQ6cGodWaK2c

CQBkMIIEqzCCA5OgAwIBAgIQLnmDLpCIh qLjvMabuZ6RDANBgkqhkiG9w0BAQUF

ADCBkzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExh

a2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQL

ExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFD

b3JwIFNHQzAeFw0wNjEyMDEwMDAwMDBaFw0yMDA1MzAxMDQ4MzhaMIGBMQswCQYD

VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdT

YWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09N

T0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOC

AQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH 7uIzg3jLz8GlvCi

KVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGz

UvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH 1GImGEaaP vB fGQV useg2L

23IwambV4EajcNxo2f8ESIl33rXp 2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovG

uFVDiOEjPqXSJDlqR6sA1KGzqSX DT nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G

1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVIrLsm9wIDAQABo4IBCTCCAQUwHwYDVR0j

BBgwFoAUUzLRs89/ uDxoF2FTpLSnkUdtE8wHQYDVR0OBBYEFAtY5YvGTBU3pECp

79

MKkhvkc2Wlb/MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MCAGA1Ud

JQQZMBcGCisGAQQBgjcKAwMGCWCGSAGG EIEATARBgNVHSAECjAIMAYGBFUdIAAw

bQYDVR0fBGYwZDAxoC gLYYraHR0cDovL2NybC5jb21vZG9jYS5jb20vVVROLURB

VEFDb3JwU0dDLmNybDAvoC2gK4YpaHR0cDovL2NybC5jb21vZG8ubmV0L1VUTi1E

QVRBQ29ycFNHQy5jcmwwDQYJKoZIhvcNAQEFBQADggEBANheksSuFNxDrcKkw2dF

Bx35N6IZxxw3NZETHAfEfUKmDvCGXENrDkTPviRhOkKpzp1Mr3k5cN0OBCBOlZw8

3rdgumNDQO1qD4FJRrsek8BL8/jhNkkbb7YMDfKQV4r8bZPyKMf6hgoosxcOWYou

tr/N4axMZmzyVZFWtzK/seR9teg6ti/bspzaUJOOTsWsmn5cnhI8O03GUHCzZSuO

92uhuyXAALv17BZlgQ771KMhlneaqHS8U6rCOVD/CwIJYcyVt9eIavZcxWjTFJUa

R1/Z y3kL48ThqsxE0ATrG7ttRAwixtQqc7ujMrrfLW5Fj3U m SbR6ivfsCSsVw

vvEwggSmMIIDjqADAgECAhBG6vCWBUzF4/pl6m6fQsZkMA0GCSqGSIb3DQEBBQUA

MG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMd

QWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0

IEV4dGVybmFsIENBIFJvb3QwHhcNMDUwNjA3MDgwOTEwWhcNMjAwNTMwMTA0ODM4

WjCBkzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExh

a2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQL

ExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFD

b3JwIFNHQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN/uWBCiK25V

xI6/LkYJ5 AIDy4rehOUG732toCOZQWTAB68r IPjhkNEkfsrK2j i5w N5u 1ZC

FZ4uXO8j3iG5BXYnGQ9P1sOctL6UGWPyphEK61NInL7yKTsW6BqgTKbJ9BhZaMBw

8lMAwF5QgqVWbzb5SuBEhqBNTtZHbklKy2fXpsQFuY4e9Pz/zec24JwFbLIzIhXQ

tODMF8CywPT Mj8pKpV72PKnTg9UfKENgLMJA8H/XN1emj68rrxHimquccofsSq4

X0IFC xGMNFyC8rpVm317994vmG6sqWuBEy8qKxpFZe97 u0jL81 NTD0SgOXDqf

cBgzIHfEoq8CAwEAAaOCARcwggETMB8GA1UdIwQYMBaAFK29mHo0tCb3 sQmVO8D

veAky1QaMB0GA1UdDgQWBBRTMtGzz3/64PGgXYVOktKeRR20TzAOBgNVHQ8BAf8E

BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAgBgNVHSUEGTAXBgorBgEEAYI3CgMDBglg

hkgBhvhCBAEwEQYDVR0gBAowCDAGBgRVHSAAMHsGA1UdHwR0MHIwOKA2oDSGMmh0

dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FkZFRydXN0RXh0ZXJuYWxDQVJvb3QuY3Js

MDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQvQWRkVHJ1c3RFeHRlcm5hbENB

Um9vdC5jcmwwDQYJKoZIhvcNAQEFBQADggEBAGOGkhCxE/o3vo4qthuKQ/Vcrg4U

3/dpQH /GnEACdi/1CRKv CT/wHYC8YP7H5HnLBd93wUnfzAM5KEW9KD9FLiIlh0

80

/EMbP6ejWNoD/bzwOuTtzBK7ybmuewSgBHK/6d4t0qdRZgBz0r1 qp5Tln1pshg

jq1WUH731bD/OWJlgoyWV8OP92D2wo00h/xPQ Xbvxyq9obN5t8RP40H922DE8A4

iDlgoX4w4eOIPqS7Y28s6YpoLO6WaawEYeFPTg6dckz2eTjIx0hpb5QPdLS8yM9X

Tbl1cZYNigYL693Q8Dx9xi6YRmo4xwK1yLiyZXXe2pAItne4UwAly0fKc18wggQ2

MIIDHqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNVBAYTAlNFMRQwEgYD

VQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQ

IE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3QwHhcN

MDAwNTMwMTA0ODM4WhcNMjAwNTMwMTA0ODM4WjBvMQswCQYDVQQGEwJTRTEUMBIG

A1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRU

UCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MIIB

IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/caM byAAQtOeBOW 0fvGwP

zbX6I7bO3psRM5ekKUx9k5 9SryT7QMa44/P5W1QWtaXKZRagLBJetsulf24yr83

OC0ePpFBrXBWx/BPP gynnTKyJBU6cZfD3idmkA8Dqxhql4Uj56HoWpQ3NeaTq8F

s6ZxlJxxs1BgCscTnTgHhgKo6ahpJhiQq0ywTyOrOk E2N/On Fpb7vXQtdrROTH

re5tQV9yWnEIN7N5ZaRZoJQ39wAvDcKSctrQOHLbFKhFxF0qfbe01sTurM0TRLfJ

K91DACX6YblpalgjEbenM49WdVn1zSnXRrcKK2W200JvFbK4e/vv6V1T1TRaJwID

AQABo4HcMIHZMB0GA1UdDgQWBBStvZh6NLQm9/rEJlTvA73gJMtUGjALBgNVHQ8E

BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zCBmQYDVR0jBIGRMIGOgBStvZh6NLQm9/rE

JlTvA73gJMtUGqFzpHEwbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0

IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAG

A1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdIIBATANBgkqhkiG9w0BAQUF

AAOCAQEAsJvghSXC1iPiD5YGkp1BmJzZhHmB2R5bFAcjNmWPsNh3u6xBbEdgg1Gw

TI95/z2JhPHgBalv1r8h894eYkhmuJMBwqGNbzy3lHE0pa33H5O7nD9HDnrDAJR

FC2OvRbgwd9Gdeckrez0QrSFk3AQZ7qdBjVKGNMresxRQqF6Y9Hmu6HFK8I2vhMN

5r1jfnl7pwkNQKtq3Y Kw/b2jBpCBVHURfWfp2IhaBUgQzyZ53y9JNipkRdziD9W

GzE4GLRxD5rNyA6eji4b4YyYg8sfMfFETMYEc0l2YA/H L0XgGsu6cxMDlqaeQ8g

Ci7VnmMmHlWSlNiCF1p70LzHj06GBDEA</item>

<item key='ca_certificates'>

<dt_array>

<item key='0'>-----BEGIN CERTIFICATE-----

MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU

81

MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs

IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290

MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux

FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h

bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v

dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt

H7xsD821 iO2zt6bETOXpClMfZOfvUq8k 0DGuOPz VtUFrWlymUWoCwSXrbLpX9

uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI eh6FqUNzX

mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW 710LX

a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN

E0S3ySvdQwAl mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77 ldU9U0

WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD

VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0

Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU

cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx

IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN

AQEFBQADggEBALCb4IUlwtYj4g WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH

YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x Tu5w/Rw5

6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC

Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX

c4g/VhsxOBi0cQ azcgOno4uG GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a

mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=

-----END CERTIFICATE-----</item>


MIIEpjCCA46gAwIBAgIQRurwlgVMxeP6Zepun0LGZDANBgkqhkiG9w0BAQUFADBv

MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk

ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF

eHRlcm5hbCBDQSBSb290MB4XDTA1MDYwNzA4MDkxMFoXDTIwMDUzMDEwNDgzOFow

gZMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl

IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY

aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMRswGQYDVQQDExJVVE4gLSBEQVRBQ29y

82

cCBTR0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf7lgQoituVcSO

vy5GCefgCA8uK3oTlBu99raAjmUFkwAevK/iD44ZDRJH7Kyto/oucPjebvtWQhWe

LlzvI94huQV2JxkPT9bDnLS lBlj8qYRCutTSJy 8ik7FugaoEymyfQYWWjAcPJT

AMBeUIKlVm82 UrgRIagTU7WR25JSstn16bEBbmOHvT8/83nNuCcBWyyMyIV0LTg

zBfAssD0/jI/KSqVe9jyp04PVHyhDYCzCQPB/1zdXpo vK68R4pqrnHKH7EquF9C

BQvsRjDRcgvK6VZt9e/feL5hurKlrgRMvKisaRWXve/rtIy/NfjUw9EoDlw6n3AY

MyB3xKKvAgMBAAGjggEXMIIBEzAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g

JMtUGjAdBgNVHQ4EFgQUUzLRs89/ uDxoF2FTpLSnkUdtE8wDgYDVR0PAQH/BAQD

AgEGMA8GA1UdEwEB/wQFMAMBAf8wIAYDVR0lBBkwFwYKKwYBBAGCNwoDAwYJYIZI

AYb4QgQBMBEGA1UdIAQKMAgwBgYEVR0gADB7BgNVHR8EdDByMDigNqA0hjJodHRw

Oi8vY3JsLmNvbW9kb2NhLmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDA2

oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0L0FkZFRydXN0RXh0ZXJuYWxDQVJv

b3QuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBjhpIQsRP6N76OKrYbikP1XK4OFN/3

aUB/vxpxAAnYv9QkSr/gk/8B2AvGD x R5ywXfd8FJ38wDOShFvSg/RS4iJYdPxD

Gz no1jaA/288Drk7cwSu8m5rnsEoARyv neLdKnUWYAc9K9fqqeU5Z9abIYPo6t

VlB 99Ww/zliZYKMllfDj/dg9sKNNIf8T0Pl278cqvaGzebfET NB/dtgxPAOIg5

YKF MOHjiD6ku2NvLOmKaCzulmmsBGHhT04OnXJM9nk4yMdIaW UD3S0vMjPV025

dXGWDYoGC vd0PA8fcYumEZqOMcCtci4smV13tqQCLZ3uFMAJctHynNf



MIIEqzCCA5OgAwIBAgIQLnmDLpCIh qLjvMabuZ6RDANBgkqhkiG9w0BAQUFADCB

kzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug

Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho

dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFDb3Jw

IFNHQzAeFw0wNjEyMDEwMDAwMDBaFw0yMDA1MzAxMDQ4MzhaMIGBMQswCQYDVQQG

EwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm

b3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RP

IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A

MIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH 7uIzg3jLz8GlvCiKVCZ

rts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAh

TaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH 1GImGEaaP vB fGQV useg2L23Iw

83

ambV4EajcNxo2f8ESIl33rXp 2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVD

iOEjPqXSJDlqR6sA1KGzqSX DT nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ

0o7KBWFxB3NH5YoZEr0ETc5OnKVIrLsm9wIDAQABo4IBCTCCAQUwHwYDVR0jBBgw

FoAUUzLRs89/ uDxoF2FTpLSnkUdtE8wHQYDVR0OBBYEFAtY5YvGTBU3pECpMKkh

vkc2Wlb/MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MCAGA1UdJQQZ

MBcGCisGAQQBgjcKAwMGCWCGSAGG EIEATARBgNVHSAECjAIMAYGBFUdIAAwbQYD

VR0fBGYwZDAxoC gLYYraHR0cDovL2NybC5jb21vZG9jYS5jb20vVVROLURBVEFD

b3JwU0dDLmNybDAvoC2gK4YpaHR0cDovL2NybC5jb21vZG8ubmV0L1VUTi1EQVRB

Q29ycFNHQy5jcmwwDQYJKoZIhvcNAQEFBQADggEBANheksSuFNxDrcKkw2dFBx35

N6IZxxw3NZETHAfEfUKmDvCGXENrDkTPviRhOkKpzp1Mr3k5cN0OBCBOlZw83rdg

umNDQO1qD4FJRrsek8BL8/jhNkkbb7YMDfKQV4r8bZPyKMf6hgoosxcOWYoutr/N

4axMZmzyVZFWtzK/seR9teg6ti/bspzaUJOOTsWsmn5cnhI8O03GUHCzZSuO92uh

uyXAALv17BZlgQ771KMhlneaqHS8U6rCOVD/CwIJYcyVt9eIavZcxWjTFJUaR1/Z

y3kL48ThqsxE0ATrG7ttRAwixtQqc7ujMrrfLW5Fj3U m SbR6ivfsCSsVwvvE=



MIIFAzCCA ugAwIBAgIQGLLLuqME8aAPwfLzJkYqSjANBgkqhkiG9w0BAQUFADCB

gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G

A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV

BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw

MDBaFw0xOTEyMzEyMzU5NTlaMHIxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVh

dGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9E

TyBDQSBMaW1pdGVkMRgwFgYDVQQDEw9Fc3NlbnRpYWxTU0wgQ0EwggEiMA0GCSqG

SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt8AiwcsargxIxF3CJhakgEtSYau2A1NHf

5I5ZLdOWIY120j8YC0YZYwvHIPPlC92AGvFaoL0dds23Izp0XmEbdaqb1IX04XiR

0y3hr/yYLgbSeT1awB8hLRyuIVPGOqchfr7tZ291HRqfalsGs2rjsQuqag7nbWzD

ypWMN84hHzWQfdvaGlyoiBSyD8gSIF/F03/o4Tjg27z5H6Gq1huQByH6RSRQXScq

oChBRVt9vKCiL6qbfltTxfEFFld Edc7tNkBdtzffRDPUanlOPJ7FAB1WfnwWdsX

Pvev5gItpHnBXaIcw5rIp6gLSApqLn8tl2X2xQScRMiZln5 pN0vAgMBAAGjggGD

MIIBfzAfBgNVHSMEGDAWgBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAdBgNVHQ4EFgQU

2svqrVsIXcz//CZUzknlVcY49PgwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQI

84

MAYBAf8CAQAwIAYDVR0lBBkwFwYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMD4GA1Ud

IAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21v

ZG8uY29tL0NQUzBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9kb2Nh

LmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBsBggrBgEFBQcB

AQRgMF4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NvbW9k

b1VUTlNHQ0NBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2Eu

Y29tMA0GCSqGSIb3DQEBBQUAA4IBAQAtlzR6QDLqcJcvgTtLeRJ3rvuq1xqo2l/z

odueTZbLN3qo6u6bldudu Ennv1F7Q5Slqz0J790qpL0pcRDAB8OtXj5isWMcL2a

ejGjKdBZa0wztSz4iw SY1dWrCRnilsvKcKxudokxeRiDn55w/65g onO7wdQ7Vu

F6r7yJiIatnyfKH2cboZT7g440LX8NqxwCPf3dfxp 0Jj1agq8MLy6SSgIGSH6lv

Wwz3D5XxqfyH8wqfOQsTEZf6/Nh9yvENZ NWPU6g0QO2JOsTGvMd/QDzczc4BxL

XSXaPV7Od4rhPsbXlM1wSTz/Dr0ISKvlUhQVnQ6cGodWaK2cCQBk


</dt_array>

</item>

<item key='certificate'>-----BEGIN CERTIFICATE-----

MIIFSzCCBDOgAwIBAgIQKBqJ8LG7xMORrbudRYUgPjANBgkqhkiG9w0BAQUFADBy

MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD

VQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEYMBYGA1UE

AxMPRXNzZW50aWFsU1NMIENBMB4XDTExMTAwNTAwMDAwMFoXDTEyMTAwNTIzNTk1

OVowgYUxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEeMBwGA1UE

CxMVSG9zdGVkIGJ5IFR1Y293cyBJbmMuMR4wHAYDVQQLExVFc3NlbnRpYWxTU0wg

V2lsZGNhcmQxIDAeBgNVBAMUFyoucmVnNC5xYXJlZ3Jlc3Npb24ub3JnMIIBIjAN

BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukPlCL1vnnl9kgRhdRZ XQ2yo3Fq

nFbGIBZkjg2dJ8X3M/hM Lat5u /A1rkHP3kNvchwjf2kOmh29Hul6JLkfFlv6Zf

YNsTva/28P4RMZ38CBiTomAEwsxxrU5zDZmOLOqY3mg1sifhXT7lma0tgGSCil8R

u9NF/jbAnShJx/MdvRdKORo1LGYplwg0 Esho5ODbIOlgEY18qgEDg8f0ir3jlOd

sUzH1A/qyl332eowlzztSmaJkbkjOJhMl9WaGfp0LeybNk7nGiSyIMWsHotlrQdi

aftERg6SkS9eDFljYGXEnoexa5BbQGO0mpAGO5WbeB0KNWUyRAHYPdaZ1wIDAQAB

o4IBxzCCAcMwHwYDVR0jBBgwFoAU2svqrVsIXcz//CZUzknlVcY49PgwHQYDVR0O

BBYEFLLQDNSlCLlxPNKvHiVYCm/SBridMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB

85

Af8EAjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoD

AwYJYIZIAYb4QgQBMEUGA1UdIAQ MDwwOgYLKwYBBAGyMQECAgcwKzApBggrBgEF

BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwOwYDVR0fBDQwMjAw

oC6gLIYqaHR0cDovL2NybC5jb21vZG9jYS5jb20vRXNzZW50aWFsU1NMQ0EuY3Js

MG4GCCsGAQUFBwEBBGIwYDA4BggrBgEFBQcwAoYsaHR0cDovL2NydC5jb21vZG9j

YS5jb20vRXNzZW50aWFsU1NMQ0FfMi5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v

Y3NwLmNvbW9kb2NhLmNvbTA5BgNVHREEMjAwghcqLnJlZzQucWFyZWdyZXNzaW9u

Lm9yZ4IVcmVnNC5xYXJlZ3Jlc3Npb24ub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQBo

8rwMrpd2iSi45Vl69urPeUwMTeuEugN1V5zW26gxUE7nMLuOwwaFKKJFnOrxYSLb

YK7ez61Oujx9AyNwRyCja/0JdMEV9PHJHsn/mkLjXLnkgFmoxX75dsISBpIjy5f

Q0t5xzbkVxBV3ZGW5OHRIy76h0gyrsRTNVr2BK3j apQUfQkdlPLq2DxHtJjuL5X

rkVj 4mnUESS8Suhb8nEebc367kyXlVr453dHuQKfOUHtTmNOh5hin9yYOt0c1Dc

yqsmue7TkHwniAryq4QsukxckiTyIAU4q 2BjO0gULy9C/3Nu8guFtLof DEO9t2

g0sPCFcn9QtLIdF oeMN


</dt_assoc>

</item>

<item key='expiry_date'>2012-10-05T00:00:00.000-04:00</item>

<item key='state'>active</item>

<item key='product_type'>truebizid_wildcard</item>

<item key='domain'>*.example.com</item>

<item key='issue_date'>2011-10-05T00:00:00.000-04:00</item>


<item key='contact_email'>[email protected]</item>

<item key='start_date'>2011-10-05T00:00:00.000-04:00</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

86

Example 2

Uses the product ID to retrieve the properties for a Trust Service product.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>get_cert</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


87

</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='cert_data'>

<dt_assoc>

<item key='certificate'>-----BEGIN CERTIFICATE-----

MIIEUTCCAzmgAwIBAgIDAX8yMA0GCSqGSIb3DQEBBQUAME8xCzAJBgNVBAYTAlVT

MRUwEwYDVQQKEwxHZW9UcnVzdCBJbmMxKTAnBgNVBAMTIEdlb1RydXN0IFByZS1Q

cm9kdWN0aW9uIFNVQiBDQSAzMB4XDTEyMDQyODIzNDIzMFoXDTEyMDUwODExMzQ0

OVowgZoxEzARBgNVBAsTCkdUMDgzMjUxNzMxMTAvBgNVBAsTKFNlZSB3d3cucmFw

aWRzc2wuY29tL3Jlc291cmNlcy9jcHMgKGMpMTIxLzAtBgNVBAsTJkRvbWFpbiBD

b250cm9sIFZhbGlkYXRlZCAtIFJhcGlkU1NMKFIpMR8wHQYDVQQDExZyYXBpZC5x

YXJlZ3Jlc3Npb24ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA

01fy13nKyEaR7BcXW/ZOzrgNbW/v57Q4HtJsFLhakoVU30C6N+xUwZMVMTpMlq5f

xmHjC8/bJN1vho9l3EI9W+QEFXcyh3O9F/11SPqFxStjA/F1R5uzIQuMwMpe4Z3o

EPAusTDDEZDn6KtDMrsjgDRXNUL6IjWHTErj9G4bl13bwqBUy6LyCQoGOpME5qNA

skJ3HWdv99xJy4b1XjOw5qekIrYYXcslV3INDnV+V+jR/LuU+JuqTaZKL5fnIp5i

n6WDTK1EYQ7L1KnA4WlXL0cOy7xCnH2AjR5iV+gOX0mypJ0RbCYWMWfQC+1BxLVP

/wlljvTkIaZkiGkJPz3KUwIDAQABo4HpMIHmMB8GA1UdIwQYMBaAFGV1riJo592U

KxNo1SwYK4YYVaDFMA4GA1UdDwEB/wQEAwIFoDAhBgNVHREEGjAYghZyYXBpZC5x

YXJlZ3Jlc3Npb24ub3JnMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly90ZXN0LWNy

bC5nZW90cnVzdC5jb20vY3Jscy9wcmVwcm9kc3ViY2EzLmNybDAMBgNVHRMBAf8E

88

AjAAMB0GA1UdDgQWBBQDOAEoYLLChTqOW8wOPRiHwcgQMjAdBgNVHSUEFjAUBggr

BgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQADggEBAMBPQE2zs+68mvwQ

xWs5ajDPkDerr5IGWwAPx9n9YonnIydHuB5wqAN6tr34f8wT4hqwMhGO1JPZzEyF

I3flV4Ca5P14bpLC96G4O8/XDG0off2tDYf5OVQgbNP/s93mvMhSo3jAHN3Enpn0

iLDRXuc+UVFmiakLrANsVGKzMReBeWtk0tej6ONSC0Ds6PGrlzHSXcWHR9WD1dVF

+1vKnaS2pp4nXBQthh1wbvk8+VekrYRaPy/5h3/9hRHVb85rb8hbLWSBfN6oyLRw

KZnecg3wOB449Hfi072JKEgEViBkuYJLr94KQ8gTSEtDlGmSLGCZaGsrtgmNbyne

aNzofSA=


</dt_assoc>

</item>









</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

89

get_order_info

Description

Action & object

action = get_order_info


Usage

Queries the Trust Service order information.

Request parameters for get_order_info

Standard parameters

action = get_order_info


attributes

Attributes



order_id Required The ID of the order to query.

Response parameters for get_order_info

Standard parameters

action = reply





90

Attributes

Parameters within the attributes associative array for Trust Service orders are described below.


approver_email Returned for domain vetted certificates if is_success = true.

One of the approver emails.


The email contact from the order.

contact_set Returned if is_success = true

The current contact information for organization, admin, billing, and tech contacts.

csr Optional The Certificate Signing Request for the certificate.

domain Optional The full domain name for which the SSL Certificate was purchased.

notes_list Returned if is_success = true

Event logging for the Trust Service order.

For more information, see the Notes_list table below.


The ID of the Trust Service order.

period Returned if is_success = true

The number of years of the registration period. Allowed values are 1 – 4, depending on the Trust Service.

comodo_ev—1 to 2




comodo_ssl—1 to 4


malwarescan—1

91


quickssl—1 to 4


securesite—1 to 4





sitelock_basic—1



ssl123—1 to 4




truebizid—1 to 4



truste_hpp—1 to 3

truste_tps—1 to 3





price Returned if is_success = true

The price charged for the Trust Service.

product_id Returned if order is complete and is_success = true

The ID number of the Trust Service product.


The product type from the SSL Certificate inventory. The product types are detailed in the allowed values section for this key.

Allowed values are:

92


comodo_ev

comodo_instantssl

comodo_premiumssl


comodo_ssl

comodo_wildcard

malwarescan

quickssl

quickssl_premium

securesite

securesite_ev

securesite_pro

securesite_pro_ev

sgcsuper_certs

sitelock_basic

sitelock_premium

sitelock_enterprise

ssl123

sslwebserver


sslwebserver_ev

truebizid

truebizid_wildcard

truebizid_ev



trustwave_dv

trustwave_ev



reg_type Returned if is_success = true

Type of order, for example, new, renewal, transfer, upgrade.

93



Allowed values are:


Comodo

apache2

apacheapachessl

apacheopenssl

apacheraven

apachessl

apachessleay

c2net

cobaltseries

cobaltraq3

cobaltraq2

cpanel

domino

dominogo4626

dominogo4625

ensim

hsphere

iis

iis4

iis5

iplanet

ipswitch

netscape

ibmhttp

other

plesk

tomcat

weblogic

apachessl

citrix

domino

ensim

hsphere

iis4

iis6

iis7

iplanet

javawebserver

netscape ibmhttp

novell

oracle

other

plesk

redhat

sap

tomcat

webstar

whmcpanel

94



Comodo

website

webstar

webstar4

zeusv3


special_instructions Optional User defined instructions regarding the Trust Service certificate purchase.


The state of the order

Allowed values are:








supplier_order_id Returned if is_success = true

The ID number for the vendor.

95

Notes_list

Parameters within the notes_list associative array are described below.

Parameter name


date Optional The date that the note was created.

note Optional The text of the note.

type Optional The type of note. Allowed values are:

order_created

order_processed

order_cancelled

order_completed

order_resend_approve_email

money_held, money_unheld

money_charged, money_refunded

supplier_order_cancelled

supplier_appr_confirmed

supplier_appr_rejected

supplier_product_created

supplier_product_rejected

product_renewed, product_active

product_renewing, product_revoked

product_expired, product_updated

product_scan_requested

product_resend_cert_email

Examples for get_order_info

Request <?xml version='1.0' encoding='UTF-8' standalone='no'?>


<OPS_envelope>

96

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>get_order_info</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Response<?xml version='1.0' encoding='UTF-8' standalone='no' ?>


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>




97





<dt_assoc>



<item key='notes_list'>

<dt_array>

<item key='0'>

<dt_assoc>

<item key='date'>2010-09-20T15:02:43.000-04:00</item>

<item key='type'>order_processed</item>

<item key='note'>Order id [780] has been processed, supplierOrderId is [141777].</item>

</dt_assoc>

</item>

<item key='1'>

<dt_assoc>


<item key='type'>order_created</item>

<item key='note'>Order id [780] has been created.</item>

</dt_assoc>

</item>

<item key='2'>

<dt_assoc>


<item key='type'>money_held</item>

<item key='note'>Money has been held for order id [780].</item>

</dt_assoc>

</item>

98

<item key='3'>

<dt_assoc>


<item key='type'>supplier_product_created</item>

<item key='note'>The supplier product has been created for order id [780].</item>

</dt_assoc>

</item>

<item key='4'>

<dt_assoc>


<item key='type'>money_charged</item>

<item key='note'>The money has been charged for order id [780].</item>

</dt_assoc>

</item>

<item key='5'>

<dt_assoc>


<item key='type'>order_completed</item>

<item key='note'>The order with the id [780] has been completed and product has been created with product id [194].</item>

</dt_assoc>

</item>

</dt_array>

</item>


<item key='state'>completed</item>

<item key='product_type'>truebizid</item>

<item key='domain'>truebiz.example.com</item>




99


</item>

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2jCCAcICAQAwgZQxITAfBgNVBAMTGHRydWViaXoucWFyZWdyZXNzaW9uLm9y

ZzELMAkGA1UEBhMCQ0ExCzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMQ8w

DQYDVQQKEwZUdWNvd3MxEDAOBgNVBAsTB1FBIERlcHQxIDAeBgkqhkiG9w0BCQEW

EXFhZml2ZUB0dWNvd3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAo+4AzMq3JeXV5KlAD3BBOGdAOuJYBW3Bz1BooLPX4MGefxqzfVcR8KLGg5MS

PLqdiY4Sqc+/tK8qabpHttdbAZ1WBvgYmviMkhRjpSrbVjOca0CmydPCVsXu5nnE

HMEZODrzhpuHHIzrkclBpGAqEhf9v1g4OFt1sInVB0o8NpeT10aFyvX2HbtsJyfZ

S4RMsP+XjVWzWZ+8v2bH6gapJ0tzXvTKwXzhUzElvVqpldpzO0FgnJtHmfJ/EOs5

gntzVIxzP12ZKFf0dYYUj0OKWU+aQodlic2oVxETyWKCoX5W7jQgpTV/vAF7nQY8

Y9VtV6SE5yQRYPJutDTk2PouEwIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBAAUr

DUNxyrYpt3t9r0GCIiIDVyQdJvY4tQUFIEJdxcvRo2TUcrgiWPyntGc1OCtUFE9Z

2JX4BNEmFVN1jUdBzh6/0loAA36iGYWTSB6CPVe5+y+dcgbViWcNV4or7FOslzRH

/Eu0CquMGmGtSdaT/DNIrJvM2iGOtuhFBhFyru61YMoeaQLU12i5XvK7bR4wHrG6

8DwlwUdzBRqiaq32rM/ZF2KmMzfLFKug1Hubt3OBQHSKwXz3CR7hrJSzf1q3lF/w

HD47TC982HXaUuskI+E0LcuR/qprLkvAO6hKT60CP+V/yNwcBu79Zjeg1MsAmH/W

SzFmc1swYutlFBxmyLU= -----END CERTIFICATE REQUEST-----</item>

<item key='reg_type'>new</item>

<item key='price'>99.0</item>


<item key='supplier_order_id'>141777</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

100

get_product_info

Description

Action & object

action = get_product_info


Usage

Queries the properties of the specified Trust Service product.

Request parameters for get_product_info

Standard parameters

action = get_product_info


attributes

Attributes



all_info Optional If included and set to 1, the response includes the CSR and contact information. If the certificate was migrated from TPP, the response includes the TPP order ID and inventory ID.

inventory_item_id Optional; may be used for certificates that were migrated from TPP.


This value may be used in place of product_id.

product_id Required The Trust Service ID number.

Note: This value is not required for certificates that were migrated from TPP if inventory_item_id is submitted.

101

Response parameters for get_product_info

Standard parameters

action = reply





Attributes


Parameter name



The administrator email address.

csr Returned if is_success = true

Certificate Signing Request. The Trust Service provider uses this information to generate the certificate.




The date that the Trust Service certificate expires.

inventory_item_id Returned if is_success = true and cert was migrated from TPP


is_renewable Returned if is_success = true

Indicates whether the product is can be renewed at this time. Trust Service products can be renewed between 60 days before the expiry date and 15 days after expiry date.

Allowed values are:

• 0—Product cannot be renewed at this time.

102

Parameter name


• 1—Product can be renewed.


The date that the Trust Service certificate was issued.




The product type from the SSL Certificate inventory. The product types are detailed in the allowed values section for this key.

Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl


comodo_ssl

comodo_wildcard

malwarescan

quickssl

quickssl_premium

securesite

securesite_ev

securesite_pro

securesite_pro_ev

sgcsuper_certs

sitelock_basic

sitelock_premium

sitelock_enterprise

ssl123

sslwebserver

sslwebserver_ev


truebizid

truebizid_ev

103

Parameter name


truebizid_wildcard



trustwave_dv

trustwave_ev






The state of the product. Allowed values are:

expired

active

renewing

renewed

revoked

tpp_order_id Returned if cert was migrated from TPP and is_success = true

The order number that was used in the TPP system.

upgrade_options Returned if is_success = true and product_type = sitelock_basic or sitelock_premium

Indicates the product types to which the existing product could be upgraded.

Currently, this applies to Sitelock products only.

If product_type = sitelock_basic, values returned are sitelock_premium and sitelock_enterprise; if product_type = sitelock_premium, value returned is sitelock_enterprise.

104

Examples for get_product_info

Example 1

Retrieves the properties for a Trust Service product.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>get_product_info</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



105

<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='product_type'>truebizid_wildcard</item>

<item key='issue_date'>2010-09-14-04:00</item>

<item key='domain'>*.example.com</item>



<item key='start_date'>2010-09-13-04:00</item>

<item key='expiry_date'>2010-09-22-04:00</item>

<item key='is_renewable'>0</item>

<item key='state'>expired</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

106

Example 2

Retrieves all information for a Trust Service product.


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>

<item key='all_info'>1</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


107

</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='csr_data'>

<dt_assoc>


<item key='organization_unit'>QA Dept</item>

<item key='valid_true_domain'>1</item>


<item key='locality'>Santa Clara</item>


<item key='domain'>abc123.example.org</item>

<item key='valid_quick_domain'>1</item>

<item key='has_bad_extensions'>0</item>

<item key='organization'>Example Co.</item>

</dt_assoc>

</item>


<dt_array>

<item key='0'>

<dt_assoc>


108

<item key='type'>product_active</item>

<item key='note'>The product with the id [2071] has been created.</item>

</dt_assoc>

</item>

</dt_array>

</item>




<item key='domain'>trust.example.org</item>






<dt_assoc>

<item key='admin'>

<dt_assoc>














109

<item key='fax'>+1.4165550125</item>

</dt_assoc>

</item>

<item key='tech'>

<dt_assoc>

<item key='first_name'>Tim</item>

<item key='last_name'>Tucker</item>

<item key='title'/>










<item key='fax'>+1.4165550125</item>


</dt_assoc>

</item>

<item key='organization'>

<dt_assoc>

<item key='first_name'>Jim</item>

<item key='last_name'>Johnson</item>

<item key='title'>Director</item>






110






<item key='fax'>+1.4165550126</item>

</dt_assoc>

</item>

<item key='billing'>

<dt_assoc>

<item key='first_name'>Bill</item>

<item key='last_name'>Burton</item>

<item key='title'/>










<item key='fax'>+1.4165550136</item>


</dt_assoc>

</item>

</dt_assoc>

</item>

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC2TCCAcECAQAwgZMxIDAeBgNVBAMTF3NzbDEyMy5xYXJlZ3Jlc3Npb24ub3Jn MQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xDzAN BgNVBAoTBlR1Y293czEQMA4GA1UECxMHUUEgRGVwdDEgMB4GCSqGSIb3DQEJARYR cWFmaXZlQHR1Y293cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDpKz48gJG4ImyJi76kH3AdDZoGNZCC8xgWBUDk4yNXPqe3NxJvZooZIoctP2o8

111

CX6+xoK8p6jMb9iIz7ZVC9LuoUmoYZZWdoatMUwaz3xIa4Fq7HeLtCE3misKMcZq +QomhLFv2yMSgyzWWitHdW5oVDuT83Xs8FTZG33rI8gut1J9+5fhJV4WKuncfLwM xMrj+5iWm+KwoE86dTarGAPwYhC2FepcblszVbz87Dp1clTJLaN4potMES83RHo1 teHHmJAilNzy2PfRoylbzlQ38x1n10wbhqjMcoDYk6CSB40PlduqbsMjpkOClwu4 H92c2Hmo3bqRGWM2K5SXkj29AgMBAAGgADANBgkqhkiG9w0BAQQFAAOCAQEAKUh6 WH4WtC/LtlJhj+p5i3sLEG/L//8DQh30eOxwMxrSGGZUGTfLBT4RaeDA5JEIF5pK v4MxvDw1+NExMQW3h/9eVWXpGGjvC2EoLgya3ri3OJlQNOyqSzOvNunk0EPaWoO+ v9o2yKdH88e7NQZp8Pw5jhE9RV9u3+mNw2sztqpzcXYDXW3kKI2UiIP3eur2/iiH nSAIRl5NfUPgAzCem/zpM1lc3s+EVKysn2wF4bwOkNyYPo4DmgHCb7ggSQyhh5vN UAoDkyqu2ZScDZTyDG7YOdobMqwbsCT5er5Bq+NWOZyUE+3zO/1VQpznJehaGLrQ N7UAJliUAO+SFFGdxQ== -----END CERTIFICATE REQUEST-----</item>

<item key='upgrade_options'>sitelock_enterprise</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 3

Retrieves all information for a Trust Service product that was migrated from the TPP system.


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>




112


<dt_assoc>

<item key='all_info'>1</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='tpp_order_id'>9997602</item>


<dt_assoc>

113


<item key='organization_unit'>QA Dept</item>





<item key='domain'>renewtest.example.org</item>



<item key='organization'>Example Co.</item>

</dt_assoc>

</item>


<dt_array>

<item key='0'>

<dt_assoc>


<item key='type'>product_active</item>

<item key='note'>The product with the id [2076] has been created.</item>

</dt_assoc>

</item>

<item key='1'>

<dt_assoc>


<item key='type'>product_renewing</item>

<item key='note'>The product with the id [2076] is in the process

of being renewed.</item>

</dt_assoc>

</item>

<item key='2'>

114

<dt_assoc>


<item key='type'>product_renewed</item>

<item key='note'>The product with the id [2076] has been renewed.</item>

</dt_assoc>

</item>

</dt_array>

</item>


<item key='inventory_item_id'>8887602</item>

<item key='state'>renewed</item>


<item key='domain'>renewtest.example.org</item>






<dt_assoc>

<item key='admin'>

<dt_assoc>











115



<item key='fax'>+1.4165550125</item>


</dt_assoc>

</item>

<item key='tech'>

<dt_assoc>

<item key='first_name'>Ted</item>

<item key='last_name'>Tucker</item>

<item key='title'/>










<item key='fax'>+1.4165550125</item>


</dt_assoc>

</item>

<item key='organization'>

<dt_assoc>

<item key='first_name'>Jim</item>

<item key='last_name'>Johnson</item>

<item key='title'>Director</item>



116









<item key='fax'>+1.4165550126</item>

</dt_assoc>

</item>

<item key='billing'>

<dt_assoc>

<item key='first_name'>Bill</item>

<item key='last_name'>Burton</item>

<item key='title'/>










<item key='fax'>+1.4165550136</item>


</dt_assoc>

</item>

</dt_assoc>

</item>

117

<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC3DCCAcQCAQAwgZYxIzAhBgNVBAMTGnJlbmV3dGVzdC5xYXJlZ3Jlc3Npb24ub3JnMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8x DzANBgNVBAoTBlR1Y293czEQMA4GA1UECxMHUUEgRGVwdDEgMB4GCSqGSIb3DQEJARYRcWFmaXZlQHR1Y293cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDS7+XQflaRIXlWlRv9MRwa5vidu4uKciZdthDVkWo50lYPVZcwSY1v5bhTwIGpGna22ak3snH+GDcYKqy9umY0cVbJRM16jsWNiVc4xgylR6JD/rGxG7DVlUu/ qJK1T8tl09PGLz9yRWnLSb9BbZ85tRgq1+up57/O4zXNgznRZhxibr5mgb4w/5yWga/elUat6GJNLsbvZo+k516JgCk2trudH9+tr72454T8ZR5fbdw23GruqvQGilUY UsKe1Uywv8vgml1AIGTPctPwfxcFhRPMdWbZ/YmmaxNvd1/DBXZKL8F0wh672aGNEx5DXTkso2tVPwpadgyLJFqMaHdzAgMBAAGgADANBgkqhkiG9w0BAQQFAAOCAQEA YYLY/3lGaxxxQASKwm4mUY4QAytqp24A0/i1OSOJNG86OOR8ws7VtFSGKa2B//gx6y2KAI6zomWL4Zpl4DcD8ttckv343DqFwjzJWn5P5/uLBg1z1QVJfVXAyWOt7PQb qx3EfaiVMgoHYCyQgXx50/iKg1w+k2Q2PUGPVJQFTBdXKBn5eaRJJW2JNJVhaNok9peAgsEadXTUGMrKpU0iaExWTvHBN3v9jjF1tow/hhbUqBGk80OVb2MGsa5Rp5aP WG8wWgI67EYcDe2IKvRfoPfzKw6WsLHq2GHp+qqJjXAUB4TBP3/cb3nIrAA8+h9lR3UCZ0LyB0rQM7pkk0t9Jw== -----END CERTIFICATE REQUEST-----</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

118

get_products

Description

Action & object

action = get_products


Usage

Returns a list of the Trust Service products whose expiry dates are within a specific date range.

Request parameters for get_products

Standard parametersaction = get_productsobject = trust_service

attributes

Attributes


Parameter name

ObligationDefinition/Value

max_expiry_date Required Used in conjunction with min_expiry_date attribute. The latest expiry date to use to generate a list of Trust Service products.

Date must be in the format YYYY-MM-DD.

min_expiry_date Required Used in conjunction with max_expiry_date attribute. The earliest expiry date to use to generate a list of Trust Service products.

Date must be in the format YYYY-MM-DD.

state Optional The state of the Trust Service products that you want returned. Allowed values are:

• activated

• active

• expired

• renewed

119

Parameter name

ObligationDefinition/Value

• revoked

• upgraded

Response parameters for get_products






Attributes


Parameter name


product_list Returned if is_success = true

An array that lists the products whose expiry dates are within a specific date range.

For more information, see the product_list table below.

product_list

Parameters within the product_list associative array are described below.

Parameter name



The email contact from the order.


The domain or hostname to which the Trust Service applies.

120

Parameter name



The date that the Trust Service product expires.

is_renewable Returned if is_success = true

Indicates whether the product is can be renewed at this time. Trust Service products can be renewed between 60 days before the expiry date and 15 days after expiry date.

Allowed values are:

• 0—Product cannot be renewed at this time.

• 1—Product can be renewed.


The date that the Trust Service product was issued.


The ID number of the Trust Service product


The product type from the SSL Certificate inventory.

Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl


comodo_ssl

comodo_wildcard

malwarescan

quickssl

quickssl_premium

securesite

securesite_ev

securesite_pro

securesite_pro_ev

sgcsuper_certs

sitelock_basic

121

Parameter name


sitelock_premium

sitelock_enterprise

ssl123

sslwebserver

sslwebserver_ev


truebizid

truebizid_ev

truebizid_wildcard



trustwave_dv

trustwave_ev






The state of the Trust Service product.

Allowed values are:

• approver-confirmed—Owner has confirmed the domain vetted certificate.

• awaiting-approval—Order processed successfully; waiting for supplier approval.

• cancelled —Pending order was cancelled.

• completed—Order is complete.

• declined—Order cancelled after it was processed or declined by the supplier.

• in-progress—Order is in progress.

• pending—Order saved as pending.

122

Examples for get_products



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>get_products</item>



<dt_assoc>

<item key='min_expiry_date'>2012-04-23</item>


<item key='max_expiry_date'>2012-09-22</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>

123


</header>

<body>

<data_block>

<dt_assoc>







<dt_assoc>

<item key='product_list'>

<dt_array>

<item key='0'>

<dt_assoc>










</dt_assoc>

</item>

<item key='1'>

<dt_assoc>

124



<item key='product_type'>securesite_pro</item>


<item key='domain'>example.net</item>





</dt_assoc>

</item>

</dt_array>

</item>

</dt_assoc>

</item>


</dt_assoc>

</data_block>

</body>

</OPS_envelope>

125

parse csr

Description

Action & object

action = parse_csr


Usage

Parses the CSR and identifies its data elements.

Request parameters for parse_csr

Standard parametersaction = parse_csr

object = trust_serviceattributes

Attributes


Parameter name


csr Required A Certificate Signing Request for the required SSL Certificate.



Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl


quickssl

quickssl_premium

126

Parameter name


securesite

securesite_ev

securesite_pro

securesite_pro_ev

sgcsuper_certs

ssl123

sslwebserver

sslwebserver_ev


truebizid

truebizid_ev

truebizid_wildcard

trustwave_dv

trustwave_ev



Response parameters for parse_csr





127

Attributes


Parameter name


csr_data Returned if is_success = true

A list of the data elements of the CSR. For more information, see the csr_data table.

csr_data

Parameters within the csr_data associative array are described below.


country Required The country specified in the CSR.

domain Required The domain specified in the CSR.

email Required The email address specified in the CSR.

has_bad_extensions Required Indicates whether the CSR contains any unsupported extensions.

Allowed values are:

0—the CSR can be used.

1—re-generate the CSR without the unsupported extensions.

locality Required The city specified in the CSR.

organization Required The organization specified in the CSR.

organization_unit Required The organization unit specified in the CSR.

state Required The state specified in the CSR.

valid_quick_domain Required for QuickSSL Certificates only

Indicates whether the CSR is valid for QuickSSL certificates.

Allowed values are:

0—No

1—Yes

128


valid_true_domain Required for True BusinessID Certificates only

Indicates whether the CSR is valid for True BusinessID certificates.

Allowed values:

0—No

1—Yes

Examples for parse_csr

Request<?xml version='1.0' encoding='UTF-8' standalone='no' ?>


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>parse_csr</item>



<dt_assoc>


<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIBqTCCARICAQAwaTELMAkGA1UEBhMCQ0ExCzAJBgNVBAgTAm9uMRAwDgYDVQQH

Ewd0b3JvbnRvMQ8wDQYDVQQKEwZ0dWNvd3MxCzAJBgNVBAsTAnFhMR0wGwYDVQQD

ExR3d3cucWFyZWdyZXNzaW9uLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC

gYEAz+hbqqnE5BSW0THf7txxsJxF8Vtca2uL52iutI1SRTm9J6NNtAjgMbL9upOm

SFnObpWKriUIlvxKrecygGWkjiMeyU/F6auAS9/vwDdxYEVT2szK+Q2At1FgU433

Pds53v2J/vyB6SL+k/w54H2gF4ORpU1hjUggo7fM353TeeMCAwEAAaAAMA0GCSqG

129

SIb3DQEBBAUAA4GBAIYvVThVeocN7N7HbsO/au9AXnx6LULQ5LMDWx6FlyBB5g9h

5HYZa6xieYCYDxYIsjLjR3qx1BWl9+0kSL2MW4EdDPzbcrZvHAtrw2/hPrm9EGA3

2w3a26W79N3clCkrahnpcNFLFyzU3CtZASJ+VuixGXTEkdiBAliqtGp+QBhf -----END

CERTIFICATE REQUEST-----</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


<dt_assoc>


130

<item key='organization_unit'>qa</item>




<item key='email'/>

<item key='domain'>www.example.com</item>



<item key='organization'>Example Inc.</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

131

process_pending

Description

Action & object

action = process_pending


Usage

Processes pending Trust Service orders; also applicable to any order that is declined. The order is cancelled and a new order is created. Can also be used to process cancelled orders, provided the cancelled order was a new order.

Request parameters for process_pending

Standard parametersaction = process_pending


Attributes


Parameter name


order_id Required The ID of the order to be processed.

Response parameters for process_pending



132



Attributes


Parameter name





The ID of the order.





supplier_order_id

Returned if is_success = true

The ID number for the vendor.

Examples for process_pending



<OPS_envelope>

<header>


<msg_id>2.21765911726198</msg_id>

<msg_type>standard</msg_type>

</header>

<body>

133

<data_block>

<dt_assoc>


<item key="action">process_pending</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








134

<dt_assoc>



<item key="supplier_order_id">219</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

135

query_approver_list

Description

Action & object

action = query_approver_list


Usage

Queries the list of approvers for the Trust Service that is associated with the specified domain.

Note: This command is currently not supported for Trustwave certificates.

Request parameters for query_approver_list

Standard parametersaction = query_approver_list


Attributes


Parameter name


domain Required The domain to which the Trust Service approver list belongs.


Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl


quickssl

quickssl_premium

136

Parameter name


securesite

securesite_pro

securesite_ev

securesite_pro_ev

sgcsuper_certs

ssl123

sslwebserver

sslwebserver_ev


truebizid

truebizid_wildcard

truebizid_ev

Response parameters for query_approver_list






Attributes


Parameter name


approver_list Returned if is_success = true

The list of approvers and their properties. For more information, see the approver_list table.

137

Approver_list

Parameters within the approver_list associative array are described below.

Parameter name


domain Always returned

The domain to which the Trust Service applies.

email Always returned

Trust Service approver email address.

type Always returned

Trust Service approver type. Allowed values are:

generic—Generated by pre-pending predefined list of prefixes to the domain name. Prefixes include admin, administrator, hostmaster, root, webmaster, postmaster, and support.

manual—A list of support addresses taken from WHOIS.

Examples for query_approver_list



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>query_approver_list</item>



138

<dt_assoc>



</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='approver_list'>

<dt_array>

<item key='0'>

<dt_assoc>

139



<item key='type'>MANUAL</item>

</dt_assoc>

</item>

<item key='1'>

<dt_assoc>




</dt_assoc>

</item>

<item key='2'>

<dt_assoc>



<item key='type'>GENERIC</item>

</dt_assoc>

</item>

<item key='3'>

<dt_assoc>




</dt_assoc>

</item>

<item key='4'>

<dt_assoc>




140

</dt_assoc>

</item>

<item key='5'>

<dt_assoc>




</dt_assoc>

</item>

<item key='6'>

<dt_assoc>




</dt_assoc>

</item>

<item key='7'>

<dt_assoc>




</dt_assoc>

</item>

<item key='8'>

<dt_assoc>




</dt_assoc>

</item>

</dt_array>

141

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

142

request_on_demand_scan

Description

Action & object

action = request_on_demand_scan


Usage

If you have a Symantec or SiteLock seal, or the GeoTrust Web Site Anti-Malware Scan product, and you have corrected a malware issue on your site, you can ask the Trust Service provider to rescan your system immediately and reinstate the seal.

Note: You can only request a scan if the Trust Seal order is complete.

Request parameters for request_on_demand_scan

Standard parameters

action = request_on_demand_scan


attributes

Attributes


Note: You must specify at least one of these parameters.




143

Response parameters for request_on_demand_scan






Attributes




The Trust Service product ID number.

Examples for request_on_demand_scan

Example 1

This example requests a scan for a site by submitting the product ID.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>

144


<item key='action'>request_on_demand_scan</item>



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


145

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 2

This example requests a scan for a site by submitting the order ID.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>request_on_demand_scan</item>


<item key='action'>REQUEST_ON_DEMAND_SCAN</item>

<attributes>


</attributes>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

146



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

147

resend_approve_email

Description

Action & object

action = resend_approve_email


Usage

Resends the Approver email.

Note: This command is not supported for SiteLock products or for Comodo EV SSL certificates or for Trustwave Premium EV, Premium SSL and Premium SSL Wildcard certificates, or the GeoTrust Web Site Anti-Malware Scan product. For TRUSTe products, this command resends the confirmation email after the order is submitted.

Request parameters for resend_approve_email

Standard parametersaction = resend_approve_emailobject = trust_service

attributes

Attributes


Parameter name


order_id Required The ID number of the Trust Service order.

148

Response parameters for resend_approve_email

Standard parameters

action = reply





Attributes


Parameter name




Examples for resend_approve_email



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>resend_approve_email</item>

149



<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


</dt_assoc>

</item>

150

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

151

resend_cert_email

Description

Action & object

action = resend_cert_email


Usage

Resends the certificate email.

In order to request the SSL Certificate email, the order must be completed.

Note: This command is not supported for SiteLock or Comodo certs, or the GeoTrust Web Site Anti-Malware Scan product. For TRUSTe products, this command resends the fulfillment email after the order is completed.

Request parameters for resend_cert_email

Standard parameters

action = resend_cert_email


attributes

Attributes


Parameter name


order_id Required The ID number of the Trust Service order.

152

Response parameters for resend_cert_email






Attributes





Examples for resend_cert_email



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>resend_cert_email</item>


153


<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>


</dt_assoc>

</item>

</dt_assoc>

154

</data_block>

</body>

</OPS_envelope>

155

update_order

Description

Action & object

action = update_order


Usage

Submits a Trust Service order update to the OpenSRS system.

When updating existing trust service orders, the general rules are:

Include the parameters and values that you want to change. To remove a remove a value, submit the parameter with an empty value. Omit any parameters that you do not want to change.

Note: This command can only be used on pending orders.

Important: If you are using this command to add or change the additional domains for a SAN certificate order, you must specify all of the domains that will be secured by the certificate. The additional_domains list specified in this command overwrites the additional_domains list in the original order.

Request parameters for update_order

Standard parametersaction = update_orderobject = trust_service

attributes

156

Attributes


Parameter name


additional_domains

Optional. May be used for SAN certificates.

The list of additional domains or other entities (other than the primary domain) that will be secured by the SSL certificate.

This list overwrites the previous list in the order, so be sure to specify all of the domains that you want to secure with this certificate. For more information, see “Request parameters for sw_register (trust_service)”

approver_email Optional The email of one of the individuals who can approve the Trust Service order. The Trust Service provider sends the approver email to the address that you specify.

contact_set Optional The SSL Certificate contact information.

Most products require: admin, billing and tech contacts.

All organization vetted certificates require an organization contact.

For admin, tech, and billing contacts for thawte, Symantec, and all EV certificates, title is required.

For more information, see Contact Set.

csr Optional The certificate signing request for the required certificate. The Trust Service provider uses this information to generate the certificate.


end_user_auth_info

Optional - used only for SiteLock and TRUSTe

Specify the username and password that the end user will use to log in to the Domain Admin interface where they can manage their account. The login credentials will be sent to the specified email_address. If you resend the Domain Admin login information (through the Control Panel), this is the address to which the Domain

157

Parameter name


Admin login credentials are sent.

Please note the following conditions:

• If you specify username and password and the user already exists, the command will fail.

• If you specify username but not password, and the user does not already exist, the user credentials cannot be created and the command will fail.

• If you specify username but not password, and the user already exists, the service will be associated with the existing end user profile.

If you want to associate the Trust Service product with an existing account, you only need to include the username value.

For more information see the End user auth info table below.

order_id Required The ID of the Trust Service order.

period Optional The number of years of the registration period. Allowed values are 1 – 4, depending on the Trust Service that is ordered.

comodo_ev—1 to 2




comodo_ssl—1 to 4


malwarescan—1

quickssl—1 to 4


securesite—1 to 4





158

Parameter name


sitelock_basic—1



ssl123—1 to 4




truebizid—1 to 4



truste_hpp—1 to 3

truste_tps—1 to 3





product_type Optional The product type from the SSL Certificate inventory. The product types are detailed in the allowed values section for this key.

Allowed values are:

comodo_ev

comodo_instantssl

comodo_premiumssl


comodo_ssl

comodo_wildcard

malwarescan

quickssl

quickssl_premium

securesite

securesite_ev

securesite_pro

securesite_pro_ev

159

Parameter name


sgcsuper_certs

sitelock_basic

sitelock_premium

sitelock_enterprise

ssl123

sslwebserver

sslwebserver_ev


truebizid

truebizid_ev

truebizid_wildcard



trustwave_dv

trustwave_ev



reg_type Optional The type of registration being requested:

• new = submit a new or Trust Service order.

• renew = renew a Trust Service offering.

• upgrade = Upgrade a SiteLock Basic or Premium SSL certificate to a higher level certificate. When you upgrade, the product_type changes, you are charged the price for a one year term at the new level, and the new expiry date is one year from the date of the upgrade. Note: This feature is currently available only for SiteLock certificates.

160

Parameter name


server_count Required when product_type = securesite*, ssl123, sgcsuper_certs, sslwebserver, sslwebserver_wildcard, sslwebserver_ev, comodo_premiumssl_wildcard, comodo_wildcard

The number of servers on which the Trust Service product will be installed.


Allowed values are:


Comodo

apache2

apacheapachessl

apacheopenssl

apacheraven

apachessl

apachessleay

c2net

cobaltseries

cobaltraq3

cobaltraq2

cpanel

domino

dominogo4626

dominogo4625

ensim

hsphere

apachessl

citrix

domino

ensim

hsphere

iis4

iis6

iis7

iplanet

javawebserver

netscape

ibmhttp

novell

oracle

other

plesk

161

Parameter name



Comodo

iis

iis4

iis5

iplanet

ipswitch

netscape

ibmhttp

other

plesk

tomcat

weblogic

website

webstar

webstar4

zeusv3

redhat

sap

tomcat

webstar

whmcpanel


special_instructions Optional Any special instructions regarding the Trust Service purchase.

End_user_auth_info

Parameters within the end_user_auth_info associative array are described below.

Parameter name


email_address Optional - used only for SiteLock and TRUSTe to send Domain Admin credentials

Specify the email address to which you want to send the login credentials (username and password) for Domain Admin.

Note: If you want to associate the Trust Service product with an existing account, only username is required.

162

Parameter name


password Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The password must be at least eight characters.

username Optional - used only for SiteLock and TRUSTe to create Domain Admin credentials

The username must be at least six characters.

Response parameters for update_order






Attributes








The state of the order. Allowed values are


awaiting-approval—Order processed successfully; waiting for

163


supplier approval.






Examples for update_order

Example 1

This example changes the information associated with an order, but does not change it's processing state.



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>update_order</item>



<dt_assoc>


<item key='special_instructions'></item>

164


<item key='csr'>-----BEGIN CERTIFICATE REQUEST----- MIIC3DCCAcQCAQAwgZYxJTAjBgNVBAMTHHVwZGF0ZW9yZGVyLnFhcmVncmVzc2lv

bi5vcmcxCzAJBgNVBAYTAkNBMQswCQYDVQQIEwJPTjEQMA4GA1UEBxMHVG9yb250

bzENMAsGA1UEChMEVGVzdDEQMA4GA1UECxMHUUEgRGVwdDEgMB4GCSqGSIb3DQEJ

ARYRcWFmaXZlQHR1Y293cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK

AoIBAQDkMouJLDenKrVS9FdcmdY3BHrJ9iS5o8TbNSAKf2loYF1afa6tJyxO6bCj

Mk6WegE+Yugb42ONAgz0zhJq5bNTuWb9FvBZLEuN/jUBR/iVdTlf//W/BPoE2CmK

lbgskzFooQ7v3SSAoYl3TjwfN8iPWwni/yLDMJYJekxcZtsro7vugtl2HZDRhxLy

B0WB0y8Kx3lh1c7xC9CbXfqjJf+j1sKiGEh+cy1H71VdcakleoG+Tll8qvtWreEf

pZYczmeyn1pPZfbDzVw9AR9x1Yohrwaah1KNZoMIp0taVTkMe/NNEdMP2Rm7Y8ak

Eof49VBrRfDGkW135EYYJCHxBvXJAgMBAAGgADANBgkqhkiG9w0BAQQFAAOCAQEA

nQHOcqylM/b7NUqFuoWRG9R1GP6/gjixHqyyV4fe2c66HlBHcKR1Tm88cpT8mfu2

oE2Hw55DVUtkrBfNdVZqVXEK8yfiuF2EKuVk+34anCwwIQOg4o6Oy3xBU1oIKpqX

1x0Z7HZJ097DK6uwUqFsviEWyxrNCfJ3DYU5TfrZtnzIdOB6ztI3wBv1IYZyYzk/

zU65N4MDv64yUazmqjZKgxvl4THhWeFVPPy+4dk8k8dkuPkcqhdxeJVwntG7tQIw

utv8IShy2ckHVC0URV1RHbr660ygD/fAE3hGjzPbdgwu1DLlC5ANlpSfgeJc3feK

sqC2b/EfPHfdbtu6+eJgGw== -----END CERTIFICATE REQUEST-----</item>




</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

165

<header>


</header>

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='domain'>updateorder.example.com</item>


<item key='state'>pending</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 2

This example creates login credentials for Domain Admin and changes the processing instruction for the order from save to process.



<OPS_envelope>

<header>


166

</header>

<body>

<data_block>

<dt_assoc>





<dt_assoc>




<item key='end_user_auth_info'>

<dt_assoc>

<item key='email_address'>[email protected]</item>

<item key='username'>customer111</item>

<item key='password'>changeit</item>

</dt_assoc>

</item>

</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

167

<body>

<data_block>

<dt_assoc>








<dt_assoc>

<item key='domain'>example.ca</item>



</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

Example 3

This example updates the list of domains that are secured by the Trust Service product.



<OPS_envelope>

<header>


</header>

<body>

168

<data_block>

<dt_assoc>





<dt_assoc>

<item key='additional_domains'>

<dt_array>

<item key='0'>upadditional1.example.org</item>





</dt_array>

</item>

<item key='handle'>save</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

169

<body>

<data_block>

<dt_assoc>







<dt_assoc>



<item key='state'>pending</item>

</dt_assoc>

</item>


</dt_assoc>

</data_block>

</body>

</OPS_envelope>

170

update_product

Description

Action & object

action = update_product


Usage

Updates the Trust Service product . Also used to enable or disable the Symantec Trust Seal and/or the Symantec Search-in-Seal.

Note: In order to enable the Symantec Search-in-Seal, Trust Seal must be enabled.

Request parameters for update_product

Standard parametersaction = update_productobject = trust_service

attributes

Attributes


Parameter name


contact_email Optional The email address for the new Trust Service contact.

let_expire Optional Specifies whether renewal reminder email messages will be sent for the Trust Service product. This parameter may be used for any active Trust Service product.

Allowed values are:

• 0—Send renewal reminder emails when the certificate is approaching its expiry date. This is the default.

• 1—Do not send any renewal reminder emails.

171

Parameter name


product_id Required The ID number for the Trust Service.

seal_in_search Optional Specifies whether to enable the Symantec Seal-in-Search which displays the Symantec seal next to the link for your web site in online search results. Allowed values are:

0—Do not enable Symantec's Seal-in-Search.

1—Enable Symantec's Seal-in-Search

Important: If you submit this parameter, you must also submit the trust_seal parameter with the value equal to 1.

trust_seal Optional Specifies whether to enable the Symantec Trust Seal on your website. Allowed values are:

0—Do not enable Symantec's Trust Seal.

1—Enable Symantec's Trust Seal.

Response parameters for update_product






Attributes


Parameter name


contact_email Optional The email address for the new Trust Service contact.

let_expire Optional Indicates whether renewal reminder email messages will be sent for the Trust Service product.

172

Parameter name


Allowed values are: • 0—Send renewal reminder emails when the

certificate is approaching its expiry date. This is the default.

• 1—Do not send any renewal reminder emails.



seal_in_search Optional The status of the Symantec Seal-in-Search. Allowed values are:

0—Not enabled.

1—Enabled.

trust_seal Optional The status of the Symantec Trust Seal. Allowed values are:

0—Not enabled.

1—Enabled.

Examples for update_product

Request <?xml version='1.0' encoding='UTF-8' standalone='no' ?>


<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>


<item key='action'>update_product</item>

173



<dt_assoc>




<item key='let_expire'>1</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>



<OPS_envelope>

<header>


</header>

<body>

<data_block>

<dt_assoc>








174

<dt_assoc>




<item key='let_expire'>1</item>


</dt_assoc>

</item>

</dt_assoc>

</data_block>

</body>

</OPS_envelope>

175

mailto:[email protected]

Revisions

September 20, 2012

• You can now secure more than one domain under a single SSL certicate for these products:◦ GeoTrust Quick—SSL Premium (subdomains only), TrueBusiness ID

EV, and TrueBusiness ID◦ Symantec—Secure Site EV, Secure Site Pro EV, Secure Site Pro, and

Secure Site◦ Thawte—SGC Super Certs, SSL Web Server EV, and SSL Web Server

Certificate• You can now use the update_product command to specify whether or not

renewal reminder emails are sent when a Trust Service product is approaching its expiry date.

• You can now use the update_order command to add or change the additional domains in a Trust Service order.

• Added information about the get_products command, which returns a list of the Trust Service products whose expiry dates are within a specific date range.

• Incremented version to 4.0.8.

May 15, 2012

• Added information about the get_cert command, which returns the certificate for the specified Trust Service product as well as associated product information.


April 17, 2012• As of April 17, 2012, you can use the OpenSRS API to renew and manage

SSL certificates that were ordered through the TPP API. All SSL orders that were placed through the TPP system will be migrated to the OpenSRS API by April 20, after which all purchasing and management of OpenSRS Trust products must be done through the OpenSRS API or the OpenSRS Control Panel as the TPP API and the RWI2 are decommissioned.

• The get_product_info command now includes two additional request parameters - all_info and inventory_item_id - that facilitate searches of products that were migrated from TPP. For products that were migrated from TPP, the command result includes the following parameters: tpp_order_id and inventory_item_id.

176

• The sw_register command now includes the new parameter base_order_id, which allows you to create a new order based on a previous order.

• The maximum registration period for Trust Service products is now four years.

• VeriSign Trust Service products are now called Symantec Trust Service products.


November 15, 2011• Free 30 day trials are available for the following Trust Service products:

• GeoTrust—True BusinessID with EV• TRUSTe—Hosted Privacy Policy (HPP) and Privacy Policy with Seal

(TPS)• VeriSign—SecureSite, Secure Site Pro, Secure Site with EV, and

Secure Site Pro with EV• Incremented version to 3.9.5.

October 20, 2011• Added the following Trust Service product: GeoTrust Web Site Anti-

Malware Scan.• You can now specify the email address to which the Domain Admin

credentials are sent for SiteLock and TRUSTe products.• Incremented version to 3.9.4.

October 6, 2011• Added the following Trust Service products:

• Comodo SSL• Comodo SSL Wildcard

• At any time during the current term, you can now upgrade SiteLock SSL certificates to a higher level SiteLock certificate.


September 13, 2011 Added the following Trust Service products:

SiteLock Basic SiteLock Premium SiteLock SMB Enterprise Secure TRUSTe HPP (Hosted Privacy Policy)

177

TRUSTe TPS (TRUSTe Privacy Policy with seal) Incremented version to 3.9.

April 1, 2011 Added information about the process_pending command.

March 15, 2011 Added the following Trust Service products:

Comodo EV (Extended Validation) SSL Comodo Instant SSL Comodo Premium SSL Comodo Premium SSL Wildcard Trustwave DV (Domain Vetted) SSL Certificate Trustwave Premium EV (Extended Validation) SSL Trustwave Premium SSL Trustwave Premium SSL Wildcard

Incremented version to 3.7.

November 30, 2010 The query_approver_list and parse_csr commands now require the

product_type parameter.

178

OpenSRS Trust Service API Command Reference · Step 1 – Use the parse_csr command to parse the...

Documents

Transcript of OpenSRS Trust Service API Command Reference · Step 1 – Use the parse_csr command to parse the...