GET DTA Cert

The GET /dta_cert method is used to return certificates observed by CipherInsights and/or loaded from trust stores. This method returns HTTP 200 OK on a success with the requested records.

Table 10: GET DTA Cert Input Parameters

Name In Description

columns query

An array of strings indicating the columns to return.

For example:

columns=certIssuerAsn1s&columns=certCommonName&columns=certAltNames&columns=certNotValidAfterEpochSecs&columns=certPublicKeyAlgo

filter query

A string indicating a query to limit the results. The default is to return all records.

For example (regular expression indicating DNS SAN list contains a domain):

certTxt ~* 'DNS:\s*([^.]+\.)*keyexample\.com'

Or, URL encoded:

certTxt%20~*%20%27DNS%3A%5Cs%2A%28%5B%5E.%5D%2B%5C.%29%2Akeyexample%5C.com%27

Tip: The filter option on the evidence page when configured with the Cert API Selector can be used to test and build filters for use with the API (see Filtering).

sorts query

An array of strings indicating one or more sort keys and whether the sort should be ascending (asc) or descending (desc). The order is required if a sort key is specified.

For example (URL encoded):

sorts=certPublicKeyAlgo%20desc

offset query

An integer that specifies how many multiples of the limit to skip before returning results, to enable paging.

limit query

An integer that specifies how many results to return per page. Very large values can result in long processing time.

reportFilteredCount query

A Boolean indicating whether to return the total count of rows after the filter is applied (true) or not (false). The default is false.

Note: This parameter is ignored when requesting a text/csv response (see Common Request Headers).

reportTotalCount query

A Boolean indicating whether to return the total count of rows before the filter is applied (true) or not (false). The default is false.

Note: This parameter is ignored when requesting a text/csv response (see Common Request Headers).

Table 11: GET DTA Cert Response Data

Name Description
rows An array of objects containing the requested records.
filteredCount An integer indicating the total count of rows after the filter was applied, if reportFilteredCount was true.
totalCount An integer indicating the total count of rows before the filter was applied, if reportTotalCount was true.
Example: Using curl to query about certificates where at least one DNS SAN has the referenced domain:
API_KEY='<YOUR-API-KEY>'
HUB='https://<YOUR-HUB-SERVER>'

curl -sS -G "$HUB/api/v1/dta_cert" \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  -H "x-api-key: $API_KEY" \
  --data-urlencode 'columns=certIssuerAsn1s' \
  --data-urlencode 'columns=certCommonName' \
  --data-urlencode 'columns=certAltNames' \
  --data-urlencode 'columns=certNotValidAfterEpochSecs' \
  --data-urlencode 'columns=certPublicKeyAlgo' \
  --data-urlencode 'sorts=certPublicKeyAlgo desc' \
  --data-urlencode 'reportTotalCount=false' \
  --data-urlencode 'reportFilteredCount=false' \
  --data-urlencode 'limit=20' \
  --data-urlencode "filter=certTxt ~* 'DNS:\s*([^.]+\.)*keyexample\.com'"
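
The following Python sketch is an added example, not part of the product documentation. It builds the DNS SAN filter above from a validated domain name, so that caller-supplied input cannot close the quoted pattern or add regex operators, and pages through results using offset as a page index. It assumes offset 0 is the first page; get_page, fake_get_page and FAKE_ROWS are hypothetical names, and the rows are constructed sample data.

```python
import re
from urllib.parse import urlencode, quote, parse_qs

COLUMNS = ["certCommonName", "certAltNames", "certNotValidAfterEpochSecs"]

def san_filter(domain):
    """Build the DNS SAN regex filter shown above for one domain."""
    # Allow only hostname characters, so the input cannot close the
    # quoted pattern (') or introduce regex operators of its own.
    if not re.fullmatch(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+", domain):
        raise ValueError(f"not a plain domain name: {domain!r}")
    return "certTxt ~* 'DNS:\\s*([^.]+\\.)*" + domain.replace(".", "\\.") + "'"

def build_query(domain, page, limit):
    """Query string for one page; offset counts pages (multiples of limit)."""
    params = [("columns", c) for c in COLUMNS]  # array: repeat the key
    params += [("sorts", "certPublicKeyAlgo desc"), ("limit", limit),
               ("offset", page), ("filter", san_filter(domain))]
    return urlencode(params, quote_via=quote)  # spaces become %20

def fetch_all(get_page, domain, limit=20, max_pages=1000):
    """Collect every matching row; get_page(query) returns the decoded JSON body."""
    rows = []
    for page in range(max_pages):  # assumption: offset 0 is the first page
        batch = get_page(build_query(domain, page, limit))["rows"]
        rows.extend(batch)
        if len(batch) < limit:  # short (or empty) page: nothing left
            return rows
    raise RuntimeError("max_pages reached; narrow the filter")

# Constructed stand-in for the hub so the example runs offline.
FAKE_ROWS = [{"certCommonName": f"host{i}.keyexample.com"} for i in range(45)]

def fake_get_page(query):
    q = parse_qs(query)
    limit, page = int(q["limit"][0]), int(q["offset"][0])
    return {"rows": FAKE_ROWS[page * limit:(page + 1) * limit]}

if __name__ == "__main__":
    print(san_filter("keyexample.com"))
    print(len(fetch_all(fake_get_page, "keyexample.com")))
```

In real use, get_page would issue the GET request with the x-api-key header as in the curl example and return the parsed JSON response.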