SSL Checker API - Verify and Monitor SSL Certificate Chains
The SSL Checker API allows you to quickly verify SSL certificate chains, check expiration dates, and access detailed issuer information. With this API, you can ensure your SSL certificates are always valid, secure, and fully compliant. Easily perform a domain certificate lookup to retrieve comprehensive details about SSL certificates, including their validity, issuer information, and encryption methods. Keep your certificates up-to-date and properly configured to avoid security risks and downtime.
By utilizing our SSL certificate lookup feature, you can efficiently check the expiration dates of SSL certificates across multiple domains. This is especially valuable for IT administrators and web developers who need to maintain certificate compliance and avoid potential security risks associated with expired or misconfigured certificates. The API also supports retrieving the complete SSL certificate chain, from the domain certificate to the root Certificate Authority (CA), providing a clear view of the entire certification path.
10K Free Credits, No Credit Card Required
Features
SSL Certificate Chain Lookup
Retrieve the complete chain of SSL certificates, from the domain certificate to the root Certificate Authority (CA). This feature helps verify the integrity and trustworthiness of the entire certification path, ensuring a secure certification chain.
Detailed SSL Certificate Lookup
Access comprehensive details about SSL certificates, including expiry date, issuer information, and encryption methods. This feature is essential for confirming that your certificates are correctly configured and up-to-date.
Well-Structured & Raw SSL Data
Access both well-structured and raw SSL certificate data through our API. The well-structured data provides organized and detailed information about SSL certificates, ideal for integration and analysis. For advanced use cases such as machine learning models or custom processing, you can retrieve the raw, unprocessed SSL data. This flexibility allows you to leverage the data for a wide range of applications.
Documentation
API Endpoint
Access SSL Certificate Details without Chain
To retrieve comprehensive SSL certificate information without including the chain, use the following endpoint:
LANGUAGE
Python
PHP
Java
Node
Ruby
$ pip install requests
Retrieve SSL Certificate Chain
Obtain the complete SSL certificate chain from the root Certificate Authority (CA) to the end-user certificate with the following endpoint:
LANGUAGE
Python
PHP
Java
Node
Ruby
$ pip install requests
API Request
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| domainName | Yes | String | Domain name or URL whose SSL certificate lookup is required | |
| sslRaw | No | Boolean | false | For getting the raw openSSL response of the domain. |
API Response
| Field | Type | Requirement | Description |
|---|---|---|---|
| domainName | String | Mandatory | Domain for which the certificate is queried |
| queryTime | String | Mandatory | Time when the query was made |
| sslCertificates | List<CertificateInfo> | Mandatory | List of certificates |
| sslRaw | String | Optional | Raw SSL certificate if "sslRaw" param is true |
CertificateInfo object contains following fields:
| Field | Type | Requirement | Description |
|---|---|---|---|
| chainOrder | String | Mandatory | Chain order of certificate (e.g., end-user, intermediate, root) |
| authenticationType | String | Mandatory | Type of authentication used in the certificate |
| validityStartDate | String | Mandatory | Start date of the certificate's validity |
| validityEndDate | String | Mandatory | End date of the certificate's validity |
| serialNumber | String | Mandatory | Unique serial number of the certificate |
| signatureAlgorithm | String | Mandatory | Algorithm used for the certificate's signature |
| subject | Object | Mandatory | Subject details of the certificate |
| subject.commonName | String | Mandatory | Common name of the subject |
| subject.organization | String | Optional | Organization name of the subject |
| subject.organizationalUnit | String | Optional | Organizational unit of the subject |
| subject.locality | String | Optional | Locality of the subject |
| subject.state | String | Optional | State of the subject |
| subject.country | String | Optional | Country of the subject |
| subject.incCountry | String | Optional | Incorporated country |
| subject.incState | String | Optional | Incorporated state |
| subject.businessCategory | String | Optional | Category of the business |
| subject.street | String | Optional | Street address of the subject |
| subject.postalCode | String | Optional | Postal code of the subject |
| subject.serialNumber | String | Optional | Serial number of the subject |
| issuer.commonName | String | Mandatory | Common name of the issuer |
| issuer.organization | String | Optional | Organization name of the issuer |
| issuer.organizationalUnit | String | Optional | Organizational unit of the issuer |
| issuer.locality | String | Optional | Locality of the issuer |
| issuer.state | String | Optional | State of the issuer |
| issuer.country | String | Optional | Country of the issuer |
| issuer.incCountry | String | Optional | Incorporated country of the issuer |
| issuer.incState | String | Optional | Incorporated state of the issuer |
| issuer.businessCategory | String | Optional | Business category of the issuer |
| issuer.street | String | Optional | Street address of the issuer |
| issuer.postalCode | String | Optional | Postal code of the issuer |
| issuer.serialNumber | String | Optional | Serial number of the issuer |
| publicKey.keySize | String | Mandatory | Size of the public key |
| publicKey.keyAlgorithm | String | Mandatory | Algorithm used for the public key |
| publicKey.pemRaw | String | Mandatory | Raw certificate in PEM format |
| extensions.authorityKeyIdentifier | String | Mandatory | Identifier of the authority key |
| extensions.subjectKeyIdentifier | String | Mandatory | Identifier of the subject key |
| extensions.keyUsages | List<String> | Mandatory | Set of key usages |
| extensions.extendedKeyUsages | List<String> | Mandatory | Set of extended key usages |
| extensions.crlDistributionPoints | List<String> | Optional | Distribution points for CRLs |
| extensions.authorityInfoAccess | Object | Mandatory | Authority info access details |
| extensions.authorityInfoAccess .issuers | List<String> | Mandatory | Set of issuer access points |
| extensions.authorityInfoAccess .ocsp | List<String> | Mandatory | Set of OCSP access points |
| extensions.subjectAlternativeNames.dnsNames | HashSet<string> | Optional | Set of DNS names |
| extensions.subjectAlternativeNames.emailAddresses | HashSet<string> | Optional | Set of email addresses |
| extensions.subjectAlternativeNames.ipAddresses | HashSet<string> | Optional | Set of IP addresses |
| extensions.subjectAlternativeNames.uris | HashSet<string> | Optional | Set of URIs |
| extensions.certificatePolicies.policyId | String | Mandatory | Policy identifier |
| extensions.certificatePolicies.policyQualifier | Object | Optional | Policy qualifier details |
| extensions.certificatePolicies.policyQualifier.oid | String | Optional | Object identifier |
| extensions.certificatePolicies.policyQualifier.cpsUri | String | Optional | URI of the CPS |
| extensions.certificatePolicies.policyQualifier.userNotice | Object | Optional | User notice details |
| extensions.certificatePolicies.policyQualifier.userNotice.explicitText | String | Optional | Explicit text notice |
| extensions.certificatePolicies.policyQualifier.userNotice.noticeRef | Object | Optional | Notice reference details |
| extensions.certificatePolicies.policyQualifier.userNotice.NoticeRef.organization | String | Optional | Organization providing the notice |
| extensions.certificatePolicies.policyQualifier.userNotice.NoticeRef.noticeNumbers | String | Optional | Notice numbers |
| extensions.pemRaw | String | Optional | Raw certificate in PEM format |
HTTP Error Codes
| HTTP Status | Reasons |
|---|---|
| 400 | Please pass domain param correct value e.g. whoisfreaks.com, https://whoisfreaks.com, http://whoisfreaks.com [For Technical Support: support@whoisfreaks.com] |
| 403 | Unavailable domain extension. |
| 404 | No Ssl Certificate exists for this Domain |
| 500 | Internal Server error occurred. |
| 503 | Service is unavailable. |
| 504 | Request is timed-out. |
How to Guides
Domain-Specific Check
To perform domain-specific checks and obtain detailed SSL certificate information, including expiration dates, include the domainName request parameter in your API request. Specify the hostname for which you require the SSL certificate details. After sending the request, review the response to access comprehensive information about the SSL certificate, such as expiry dates and other crucial data. This approach enables efficient management and monitoring of SSL certificates for individual domains.
# Check SSL Certificate for a host-name{ "domainName": "google.com", "queryTime": "2024-08-20 08:37:01", "sslCertificates": [ { "chainOrder": "end-user", "authenticationType": "domain", "validityStartDate": "2024-07-30 12:32:53 UTC", "validityEndDate": "2024-10-22 12:32:52 UTC", "serialNumber": "71:8d:f8:a4:d1:48:8a:78:09:cc:ed:27:10:7d:81:84", "signatureAlgorithm": "SHA256-RSA", "subject": { "commonName": "*.google.com" }, "issuer": { "commonName": "WR2", "organization": "Google Trust Services", "country": "US" }, "publicKey": { "keySize": "256 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5pmvk0aXn2OXWW5QrASzaMP+E+cwyEFf2INKxtGITffWsIyD2qFFdLbALW6Xz1tDkK+0OELhrCFHyF+RCl3zsQ==\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "DE:1B:1E:ED:79:15:D4:3E:37:24:C3:21:BB:EC:34:39:6D:42:B2:30", "subjectKeyIdentifier": "B6:08:C9:95:06:20:D1:F4:31:6A:19:57:B7:CD:94:87:5B:7A:CA:83", "keyUsages": [ "Digital Signature" ], "extendedKeyUsages": [ "TLS Web Server Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/wr2/oBFYYahzgVI.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/wr2.crt" ], "ocsp": [ "http://o.pki.goog/wr2" ] }, "subjectAlternativeNames": { "dnsNames": [ "android.clients.google.com", "*.google.de", "*.crowdsource.google.com", "googlesyndication-cn.com", "*.yt.be", "*.datacompute.google.com", "*.gkecnapps.cn", "*.googlesyndication-cn.com", "*.googlevideo.com", "admob-cn.com", "*.gstatic.cn", "recaptcha-cn.net", "*.safenup.googlesandbox-cn.com", "*.gvt2.com", "*.googletagmanager-cn.com", "google.com", "*.googletraveladservices-cn.com", "*.google.es", "googletraveladservices-cn.com", "yt.be", "*.google.com.co", "*.doubleclick.cn", "*.google-analytics.com", "doubleclick-cn.net", "*.gstatic.com", "*.2mdn-cn.net", "*.gcpcdn.gvt1.com", "*.google.com", "googlesandbox-cn.com", "*.google.com.tr", "*.doubleclick-cn.net", "*.googledownloads.cn", "*.google.fr", "gkecnapps.cn", "*.appengine.google.com", "*.google.co.uk", "googledownloads.cn", "*.youtubekids.com", "android.com", "*.googleflights-cn.net", "*.bdn.dev", "doubleclick.cn", "*.google.nl", "*.recaptcha-cn.net", "*.ampproject.org.cn", "googlevads-cn.com", "googletagmanager-cn.com", "*.fls.doubleclick.cn", "*.google.com.mx", "*.google-analytics-cn.com", "googleadservices-cn.com", "*.gstatic-cn.com", "googletagservices-cn.com", "*.googlecommerce.com", "youtube.com", "*.googleapps-cn.com", "googleoptimize-cn.com", "*.origin-test.bdn.dev", "widevine.cn", "*.google.com.vn", "ampproject.net.cn", "*.android.google.cn", "gvt1-cn.com", "g.co", "g.cn", "*.fls.doubleclick-cn.net", "*.app-measurement-cn.com", "*.google.hu", "*.safeframe.googlesyndication-cn.com", "*.android.com", "*.googlecnapps.cn", "*.gvt1.com", "*.music.youtube.com", "*.urchin.com", "*.cloud.google.com", "urchin.com", "*.google.pt", "youtu.be", "*.google.pl", "*.chrome.google.cn", "*.googleapis.cn", "*.googleapis-cn.com", "*.gcp.gvt2.com", "*.recaptcha.net.cn", "music.youtube.com", "googlecnapps.cn", "googleapps-cn.com", "*.google.it", "ampproject.org.cn", "*.metric.gstatic.com", "app-measurement-cn.com", "*.youtubeeducation.com", "ggpht.cn", "*.youtube.com", "*.dartsearch-cn.net", "gvt2-cn.com", "googleapis-cn.com", "*.google.co.jp", "goo.gl", "*.googlevads-cn.com", "*.googleoptimize-cn.com", "*.youtube-nocookie.com", "*.gvt2-cn.com", "*.g.doubleclick.cn", "*.gvt1-cn.com", "*.widevine.cn", "*.developers.google.cn", "*.google.com.br", "google-analytics-cn.com", "*.admob-cn.com", "2mdn-cn.net", "youtubeeducation.com", "*.google.co.in", "*.ampproject.net.cn", "*.g.doubleclick-cn.net", "*.flash.android.com", "youtubekids.com", "googleflights-cn.net", "*.ytimg.com", "*.google.cl", "dartsearch-cn.net", "*.ggpht.cn", "*.googleadservices-cn.com", "recaptcha.net.cn", "*.url.google.com", "*.googletagservices-cn.com", "*.google.com.ar", "google-analytics.com", "*.google.com.au", "*.googlesandbox-cn.com", "www.goo.gl", "*.g.co", "*.google.ca", "*.g.cn", "googlecommerce.com" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIODDCCDPSgAwIBAgIQcY34pNFIingJzO0nEH2BhDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQwwCgYDVQQDEwNXUjIwHhcNMjQwNzMwMTIzMjUzWhcNMjQxMDIyMTIzMjUyWjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATmma+TRpefY5dZblCsBLNow/4T5zDIQV/Yg0rG0YhN99awjIPaoUV0tsAtbpfPW0OQr7Q4QuGsIUfIX5EKXfOxo4IL+TCCC/UwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLYIyZUGINH0MWoZV7fNlIdbesqDMB8GA1UdIwQYMBaAFN4bHu15FdQ+NyTDIbvsNDltQrIwMFgGCCsGAQUFBwEBBEwwSjAhBggrBgEFBQcwAYYVaHR0cDovL28ucGtpLmdvb2cvd3IyMCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93cjIuY3J0MIIJzQYDVR0RBIIJxDCCCcCCDCouZ29vZ2xlLmNvbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghUqLm9yaWdpbi10ZXN0LmJkbi5kZXaCEiouY2xvdWQuZ29vZ2xlLmNvbYIYKi5jcm93ZHNvdXJjZS5nb29nbGUuY29tghgqLmRhdGFjb21wdXRlLmdvb2dsZS5jb22CCyouZ29vZ2xlLmNhggsqLmdvb2dsZS5jbIIOKi5nb29nbGUuY28uaW6CDiouZ29vZ2xlLmNvLmpwgg4qLmdvb2dsZS5jby51a4IPKi5nb29nbGUuY29tLmFygg8qLmdvb2dsZS5jb20uYXWCDyouZ29vZ2xlLmNvbS5icoIPKi5nb29nbGUuY29tLmNvgg8qLmdvb2dsZS5jb20ubXiCDyouZ29vZ2xlLmNvbS50coIPKi5nb29nbGUuY29tLnZuggsqLmdvb2dsZS5kZYILKi5nb29nbGUuZXOCCyouZ29vZ2xlLmZyggsqLmdvb2dsZS5odYILKi5nb29nbGUuaXSCCyouZ29vZ2xlLm5sggsqLmdvb2dsZS5wbIILKi5nb29nbGUucHSCDyouZ29vZ2xlYXBpcy5jboIRKi5nb29nbGV2aWRlby5jb22CDCouZ3N0YXRpYy5jboIQKi5nc3RhdGljLWNuLmNvbYIPZ29vZ2xlY25hcHBzLmNughEqLmdvb2dsZWNuYXBwcy5jboIRZ29vZ2xlYXBwcy1jbi5jb22CEyouZ29vZ2xlYXBwcy1jbi5jb22CDGdrZWNuYXBwcy5jboIOKi5na2VjbmFwcHMuY26CEmdvb2dsZWRvd25sb2Fkcy5jboIUKi5nb29nbGVkb3dubG9hZHMuY26CEHJlY2FwdGNoYS5uZXQuY26CEioucmVjYXB0Y2hhLm5ldC5jboIQcmVjYXB0Y2hhLWNuLm5ldIISKi5yZWNhcHRjaGEtY24ubmV0ggt3aWRldmluZS5jboINKi53aWRldmluZS5jboIRYW1wcHJvamVjdC5vcmcuY26CEyouYW1wcHJvamVjdC5vcmcuY26CEWFtcHByb2plY3QubmV0LmNughMqLmFtcHByb2plY3QubmV0LmNughdnb29nbGUtYW5hbHl0aWNzLWNuLmNvbYIZKi5nb29nbGUtYW5hbHl0aWNzLWNuLmNvbYIXZ29vZ2xlYWRzZXJ2aWNlcy1jbi5jb22CGSouZ29vZ2xlYWRzZXJ2aWNlcy1jbi5jb22CEWdvb2dsZXZhZHMtY24uY29tghMqLmdvb2dsZXZhZHMtY24uY29tghFnb29nbGVhcGlzLWNuLmNvbYITKi5nb29nbGVhcGlzLWNuLmNvbYIVZ29vZ2xlb3B0aW1pemUtY24uY29tghcqLmdvb2dsZW9wdGltaXplLWNuLmNvbYISZG91YmxlY2xpY2stY24ubmV0ghQqLmRvdWJsZWNsaWNrLWNuLm5ldIIYKi5mbHMuZG91YmxlY2xpY2stY24ubmV0ghYqLmcuZG91YmxlY2xpY2stY24ubmV0gg5kb3VibGVjbGljay5jboIQKi5kb3VibGVjbGljay5jboIUKi5mbHMuZG91YmxlY2xpY2suY26CEiouZy5kb3VibGVjbGljay5jboIRZGFydHNlYXJjaC1jbi5uZXSCEyouZGFydHNlYXJjaC1jbi5uZXSCHWdvb2dsZXRyYXZlbGFkc2VydmljZXMtY24uY29tgh8qLmdvb2dsZXRyYXZlbGFkc2VydmljZXMtY24uY29tghhnb29nbGV0YWdzZXJ2aWNlcy1jbi5jb22CGiouZ29vZ2xldGFnc2VydmljZXMtY24uY29tghdnb29nbGV0YWdtYW5hZ2VyLWNuLmNvbYIZKi5nb29nbGV0YWdtYW5hZ2VyLWNuLmNvbYIYZ29vZ2xlc3luZGljYXRpb24tY24uY29tghoqLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIkKi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24tY24uY29tghZhcHAtbWVhc3VyZW1lbnQtY24uY29tghgqLmFwcC1tZWFzdXJlbWVudC1jbi5jb22CC2d2dDEtY24uY29tgg0qLmd2dDEtY24uY29tggtndnQyLWNuLmNvbYINKi5ndnQyLWNuLmNvbYILMm1kbi1jbi5uZXSCDSouMm1kbi1jbi5uZXSCFGdvb2dsZWZsaWdodHMtY24ubmV0ghYqLmdvb2dsZWZsaWdodHMtY24ubmV0ggxhZG1vYi1jbi5jb22CDiouYWRtb2ItY24uY29tghRnb29nbGVzYW5kYm94LWNuLmNvbYIWKi5nb29nbGVzYW5kYm94LWNuLmNvbYIeKi5zYWZlbnVwLmdvb2dsZXNhbmRib3gtY24uY29tgg0qLmdzdGF0aWMuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIKKi5ndnQxLmNvbYIRKi5nY3BjZG4uZ3Z0MS5jb22CCiouZ3Z0Mi5jb22CDiouZ2NwLmd2dDIuY29tghAqLnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tggsqLnl0aW1nLmNvbYILYW5kcm9pZC5jb22CDSouYW5kcm9pZC5jb22CEyouZmxhc2guYW5kcm9pZC5jb22CBGcuY26CBiouZy5jboIEZy5jb4IGKi5nLmNvggZnb28uZ2yCCnd3dy5nb28uZ2yCFGdvb2dsZS1hbmFseXRpY3MuY29tghYqLmdvb2dsZS1hbmFseXRpY3MuY29tggpnb29nbGUuY29tghJnb29nbGVjb21tZXJjZS5jb22CFCouZ29vZ2xlY29tbWVyY2UuY29tgghnZ3BodC5jboIKKi5nZ3BodC5jboIKdXJjaGluLmNvbYIMKi51cmNoaW4uY29tggh5b3V0dS5iZYILeW91dHViZS5jb22CDSoueW91dHViZS5jb22CEW11c2ljLnlvdXR1YmUuY29tghMqLm11c2ljLnlvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbYIWKi55b3V0dWJlZWR1Y2F0aW9uLmNvbYIPeW91dHViZWtpZHMuY29tghEqLnlvdXR1YmVraWRzLmNvbYIFeXQuYmWCByoueXQuYmWCGmFuZHJvaWQuY2xpZW50cy5nb29nbGUuY29tghMqLmFuZHJvaWQuZ29vZ2xlLmNughIqLmNocm9tZS5nb29nbGUuY26CFiouZGV2ZWxvcGVycy5nb29nbGUuY24wEwYDVR0gBAwwCjAIBgZngQwBAgEwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2MucGtpLmdvb2cvd3IyL29CRllZYWh6Z1ZJLmNybDCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkQPYFPYAAAQDAEgwRgIhAKY1vswnrCsPY/2Rb9mkMt/QMBsGRK2hBSgm0BqZZrbpAiEA/l5FtZCwtf/zAJzkzAsR1wIGGubVQRimx3emAy8/7qgAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAZED2BTNAAAEAwBIMEYCIQCdt+dIh2hphLzc/ALmRvGtBkXjkw5nieuIg6PVpcb5XgIhAOSXQWUlYiBLpMCW6Ae1meor3YRBeqoQT/zyYTS/+hd1MA0GCSqGSIb3DQEBCwUAA4IBAQB9AO5LRDlvrtxbLu2EQWFJrENvHZxEGOjVjY1FI9LJktoV5IY7YefrnPv10iJqRoBeb805s+tp0wE/SeGdCDwBVtsNyvQ8Q24cvYEO5zaikO2Rt7zvbuwEFe+bZzYlvM6c9A5fCFHAeA9VVOrJNZK2ca5f5hoMyKWKlK9B66WZuZwC47KVZ+m1XJ76ZlnvIpVaRtzZIaJfn4xusB0nVecjzlUT7xEunh09AI0xky//tCNLVj1ezYdSndHq6KNNrz8V/huIO8hDyciGHgx1vOJ53wfQxfp0yUWAhRWSBAJnmp13IqSpnxyuUmj+PdKewP/qyVTxbuFdqS0EnOY97yso\n-----END CERTIFICATE-----\n" } ] }curl --location 'https://api.apifreaks.com/v1.0/domain/ssl/live?domainName=google.com&apiKey=API-KEY'
SSL Certificate Chain Lookup
Include the domainName request parameter to perform a comprehensive SSL certificate chain lookup from the root Certificate Authority (CA) to the end-user certificate. Use the SSL Certificate Chain Lookup API to retrieve the complete certification path, ensuring you get detailed information about each certificate in the chain. This approach allows for thorough verification of SSL certificates, providing valuable insights into the entire certification hierarchy for enhanced security management.
# Get all the certificates in the chain from the root to the end-user{ "domainName": "jfreaks.com", "queryTime": "2024-08-20 08:51:59", "sslCertificates": [ { "chainOrder": "end-user", "authenticationType": "domain", "validityStartDate": "2024-06-22 15:48:19 UTC", "validityEndDate": "2024-09-20 15:48:18 UTC", "serialNumber": "d3:d0:fb:b2:fd:fd:df:88:13:15:42:50:e5:61:20:61", "signatureAlgorithm": "ECDSA-SHA256", "subject": { "commonName": "jfreaks.com" }, "issuer": { "commonName": "WE1", "organization": "Google Trust Services", "country": "US" }, "publicKey": { "keySize": "256 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEco5e/xL2eEaTmAye+oDnF4Ef/LaUsE8MvtTnb5HGk2ExhvV1hVumD3YgxKRVy78CQx7SkyanXLwWqS8vDU81Mw==\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38", "subjectKeyIdentifier": "35:CD:98:CA:8C:47:95:95:1F:0B:BC:C2:BD:41:7D:43:D6:46:BC:50", "keyUsages": [ "Digital Signature" ], "extendedKeyUsages": [ "TLS Web Server Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/we1/5RpMhq5ShrY.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/we1.crt" ], "ocsp": [ "http://o.pki.goog/s/we1/09A" ] }, "subjectAlternativeNames": { "dnsNames": [ "*.jfreaks.com", "jfreaks.com" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDpTCCA0qgAwIBAgIRANPQ+7L9/d+IExVCUOVhIGEwCgYIKoZIzj0EAwIwOzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEMMAoGA1UEAxMDV0UxMB4XDTI0MDYyMjE1NDgxOVoXDTI0MDkyMDE1NDgxOFowFjEUMBIGA1UEAxMLamZyZWFrcy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARyjl7/EvZ4RpOYDJ76gOcXgR/8tpSwTwy+1OdvkcaTYTGG9XWFW6YPdiDEpFXLvwJDHtKTJqdcvBapLy8NTzUzo4ICUjCCAk4wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDXNmMqMR5WVHwu8wr1BfUPWRrxQMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUFBwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvMDlBMCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCUGA1UdEQQeMByCC2pmcmVha3MuY29tgg0qLmpmcmVha3MuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jLnBraS5nb29nL3dlMS81UnBNaHE1U2hyWS5jcmwwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAZBA2UlbAAAEAwBGMEQCICLoV5PvOTbvqFpms4V0K/Cn7Oz7IDFEk+ll3H74/bkaAiAaHtud21GyoRnXUyPy03ORW/d7nT6/8rBiyDbjVTiM6wB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABkEDZSjEAAAQDAEcwRQIhAPoNk59/yMOvdMbJ+fq5shxC7WuY3IBUleeOjz92qkiJAiANb8RM//WY7to5VoyalaC6lEgG7k2RrWUmeuvCN+KoYTAKBggqhkjOPQQDAgNJADBGAiEAu6jhuR4F8EpkF06HQ02Tg54KASHIMyfpj+qZtnerv9cCIQC3SW6LiJUoM4WpagXtEyf+CqvjyJ5uWMSYtymeRVuWdQ==\n-----END CERTIFICATE-----\n" }, { "chainOrder": "intermediate", "authenticationType": "organization", "validityStartDate": "2023-12-13 09:00:00 UTC", "validityEndDate": "2029-02-20 14:00:00 UTC", "serialNumber": "7f:f3:19:77:97:2c:22:4a:76:15:5d:13:b6:d6:85:e3", "signatureAlgorithm": "ECDSA-SHA2384", "subject": { "commonName": "WE1", "organization": "Google Trust Services", "country": "US" }, "issuer": { "commonName": "GTS Root R4", "organization": "Google Trust Services LLC", "country": "US" }, "publicKey": { "keySize": "256 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEb806/mdXR0whA4VAwkddu1hHD0DBXBeFxhk359V87YZLm4HZ1xoTpQoD+JjExuie/xBZjywmmPXmJiW7DwL6Vg==\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C", "subjectKeyIdentifier": "90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38", "keyUsages": [ "CRL Sign", "Digital Signature", "Certificate Sign" ], "extendedKeyUsages": [ "TLS Web Server Authentication", "TLS Web Client Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/r/r4.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/r4.crt" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIICnzCCAiWgAwIBAgIQf/MZd5csIkp2FV0TttaF4zAKBggqhkjOPQQDAzBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQwMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQwwCgYDVQQDEwNXRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARvzTr+Z1dHTCEDhUDCR127WEcPQMFcF4XGGTfn1XzthkubgdnXGhOlCgP4mMTG6J7/EFmPLCaY9eYmJbsPAvpWo4H+MIH7MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUkHeSNWfE/6jMqeZ72YB5e8yT+TgwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7FavCUHYwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAChhhodHRwOi8vaS5wa2kuZ29vZy9yNC5jcnQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2MucGtpLmdvb2cvci9yNC5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaAAwZQIxAOcCq1HW90OVznX+0RGU1cxAQXomvtgM8zItPZCuFQ8jSBJSjz5keROv9aYsAm5VsQIwJonMaAFi54mrfhfoFNZEfuNMSQ6/bIBiNLiyoX46FohQvKeIoJ99cx7sUkFN7uJW\n-----END CERTIFICATE-----\n" }, { "chainOrder": "intermediate", "authenticationType": "organization", "validityStartDate": "2023-11-15 03:43:21 UTC", "validityEndDate": "2028-01-28 00:00:42 UTC", "serialNumber": "7f:e5:30:bf:33:13:43:be:dd:82:16:10:49:3d:8a:1b", "signatureAlgorithm": "SHA256-RSA", "subject": { "commonName": "GTS Root R4", "organization": "Google Trust Services LLC", "country": "US" }, "issuer": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "publicKey": { "keySize": "384 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8FhzubeRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019eWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2K\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B", "subjectKeyIdentifier": "80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C", "keyUsages": [ "CRL Sign", "Digital Signature", "Certificate Sign" ], "extendedKeyUsages": [ "TLS Web Server Authentication", "TLS Web Client Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/r/gsr1.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/gsr1.crt" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDejCCAmKgAwIBAgIQf+UwvzMTQ77dghYQST2KGzANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIzMTExNTAzNDMyMVoXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8FhzubeRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019eWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2Ko4H/MIH8MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUgEzW63T/STaj1dj8tT7FavCUHYwwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswNgYIKwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRwOi8vaS5wa2kuZ29vZy9nc3IxLmNydDAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vYy5wa2kuZ29vZy9yL2dzcjEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQAYQrsPBtYDh5bjP2OBDwmkoWhIDDkic574y04tfzHpn+cJodI2D4SseesQ6bDrarZ7C30ddLibZatoKiws3UL9xnELz4ct92vID24FfVbiI1hY+SW6FoVHkNeWIP0GCbaM4C6uVdF5dTUsMVs/ZbzNnIdCp5Gxmx5ejvEau8otR/CskGN+hr/W5GvT1tMBjgWKZ1i4//emhA1JG1BbPzoLJQvyEotc03lXjTaCzv8mEbep8RqZ7a2CPsgRbuvTPBwcOMBBmuFeU88+FSBX6+7iP0il8b4Z0QFqIwwMHfs/L6K1vepuoxtGzi4CZ68zJpiq1UvSqTbFJjtbD4seiMHl\n-----END CERTIFICATE-----\n" }, { "chainOrder": "root", "authenticationType": "self-signed-ca", "validityStartDate": "1998-09-1 12:00:00 UTC", "validityEndDate": "2028-01-28 12:00:00 UTC", "serialNumber": "04:00:00:00:00:01:15:4b:5a:c3:94", "signatureAlgorithm": "SHA1-RSA", "subject": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "issuer": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "publicKey": { "keySize": "2048 bit", "keyAlgorithm": "RSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuDJWvqSB/xKrC5lREEvfBj0eJnZs8c3c8bSCvujYmOmq8pgGWr6cctEsurHExwB6E9CjDNFY1P+N3UjFAVHO9Q7sQu9/zpUvKRfeBt1TUwjl5Dc/JB6dVq47KJOlY5OG8GPIhpWypNxadUuGyJzJv5PMrl/Yn1EjySeJbW3HRuk0Rh0Y3HRrJ1DoboGYrVbWzVeBaVounICjjr8iQTT3NUkxOFOhu8HjS1iwWMuXeLsdsfIJGrCVNukM57N3S5cEeRIlFjFnmusa5BJgjIGSvRRqpI1mQq14M0/ywqwWwZQ0oHhefTfPYhaO/q8lKff5OQzwIDAQAB\n-----END PUBLIC KEY-----\n" }, "extensions": { "subjectKeyIdentifier": "60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B", "keyUsages": [ "CRL Sign", "Certificate Sign" ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n" } ] }curl --location 'https://api.apifreaks.com/v1.0/domain/ssl/live/chain?domainName=jfreaks.com&apiKey=API-KEY'
Access Both Raw and Structured SSL Data
To access raw SSL data in addition to structured information, set the sslRaw request parameter to true. This option is available for both API endpoints—whether you are retrieving SSL certificate details with or without the chain. When enabled with the chain endpoint, the API will provide raw SSL data for the entire certificate chain, from the root Certificate Authority (CA) to the end-user certificate. This feature allows for comprehensive analysis, providing both structured and raw data to meet various needs, including advanced processing and detailed security assessments.
# Get SSL Raw data along with structured SSL data for each SSL certificate in the chain{ "domainName": "jfreaks.com", "queryTime": "2024-08-20 08:54:28", "sslCertificates": [ { "chainOrder": "end-user", "authenticationType": "domain", "validityStartDate": "2024-06-22 15:48:19 UTC", "validityEndDate": "2024-09-20 15:48:18 UTC", "serialNumber": "d3:d0:fb:b2:fd:fd:df:88:13:15:42:50:e5:61:20:61", "signatureAlgorithm": "ECDSA-SHA256", "subject": { "commonName": "jfreaks.com" }, "issuer": { "commonName": "WE1", "organization": "Google Trust Services", "country": "US" }, "publicKey": { "keySize": "256 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEco5e/xL2eEaTmAye+oDnF4Ef/LaUsE8MvtTnb5HGk2ExhvV1hVumD3YgxKRVy78CQx7SkyanXLwWqS8vDU81Mw==\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38", "subjectKeyIdentifier": "35:CD:98:CA:8C:47:95:95:1F:0B:BC:C2:BD:41:7D:43:D6:46:BC:50", "keyUsages": [ "Digital Signature" ], "extendedKeyUsages": [ "TLS Web Server Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/we1/5RpMhq5ShrY.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/we1.crt" ], "ocsp": [ "http://o.pki.goog/s/we1/09A" ] }, "subjectAlternativeNames": { "dnsNames": [ "*.jfreaks.com", "jfreaks.com" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDpTCCA0qgAwIBAgIRANPQ+7L9/d+IExVCUOVhIGEwCgYIKoZIzj0EAwIwOzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEMMAoGA1UEAxMDV0UxMB4XDTI0MDYyMjE1NDgxOVoXDTI0MDkyMDE1NDgxOFowFjEUMBIGA1UEAxMLamZyZWFrcy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARyjl7/EvZ4RpOYDJ76gOcXgR/8tpSwTwy+1OdvkcaTYTGG9XWFW6YPdiDEpFXLvwJDHtKTJqdcvBapLy8NTzUzo4ICUjCCAk4wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDXNmMqMR5WVHwu8wr1BfUPWRrxQMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUFBwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvMDlBMCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCUGA1UdEQQeMByCC2pmcmVha3MuY29tgg0qLmpmcmVha3MuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jLnBraS5nb29nL3dlMS81UnBNaHE1U2hyWS5jcmwwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAZBA2UlbAAAEAwBGMEQCICLoV5PvOTbvqFpms4V0K/Cn7Oz7IDFEk+ll3H74/bkaAiAaHtud21GyoRnXUyPy03ORW/d7nT6/8rBiyDbjVTiM6wB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABkEDZSjEAAAQDAEcwRQIhAPoNk59/yMOvdMbJ+fq5shxC7WuY3IBUleeOjz92qkiJAiANb8RM//WY7to5VoyalaC6lEgG7k2RrWUmeuvCN+KoYTAKBggqhkjOPQQDAgNJADBGAiEAu6jhuR4F8EpkF06HQ02Tg54KASHIMyfpj+qZtnerv9cCIQC3SW6LiJUoM4WpagXtEyf+CqvjyJ5uWMSYtymeRVuWdQ==\n-----END CERTIFICATE-----\n" }, { "chainOrder": "intermediate", "authenticationType": "organization", "validityStartDate": "2023-12-13 09:00:00 UTC", "validityEndDate": "2029-02-20 14:00:00 UTC", "serialNumber": "7f:f3:19:77:97:2c:22:4a:76:15:5d:13:b6:d6:85:e3", "signatureAlgorithm": "ECDSA-SHA2384", "subject": { "commonName": "WE1", "organization": "Google Trust Services", "country": "US" }, "issuer": { "commonName": "GTS Root R4", "organization": "Google Trust Services LLC", "country": "US" }, "publicKey": { "keySize": "256 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEb806/mdXR0whA4VAwkddu1hHD0DBXBeFxhk359V87YZLm4HZ1xoTpQoD+JjExuie/xBZjywmmPXmJiW7DwL6Vg==\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C", "subjectKeyIdentifier": "90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38", "keyUsages": [ "CRL Sign", "Digital Signature", "Certificate Sign" ], "extendedKeyUsages": [ "TLS Web Server Authentication", "TLS Web Client Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/r/r4.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/r4.crt" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIICnzCCAiWgAwIBAgIQf/MZd5csIkp2FV0TttaF4zAKBggqhkjOPQQDAzBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQwMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMQwwCgYDVQQDEwNXRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARvzTr+Z1dHTCEDhUDCR127WEcPQMFcF4XGGTfn1XzthkubgdnXGhOlCgP4mMTG6J7/EFmPLCaY9eYmJbsPAvpWo4H+MIH7MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUkHeSNWfE/6jMqeZ72YB5e8yT+TgwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7FavCUHYwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAChhhodHRwOi8vaS5wa2kuZ29vZy9yNC5jcnQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2MucGtpLmdvb2cvci9yNC5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaAAwZQIxAOcCq1HW90OVznX+0RGU1cxAQXomvtgM8zItPZCuFQ8jSBJSjz5keROv9aYsAm5VsQIwJonMaAFi54mrfhfoFNZEfuNMSQ6/bIBiNLiyoX46FohQvKeIoJ99cx7sUkFN7uJW\n-----END CERTIFICATE-----\n" }, { "chainOrder": "intermediate", "authenticationType": "organization", "validityStartDate": "2023-11-15 03:43:21 UTC", "validityEndDate": "2028-01-28 00:00:42 UTC", "serialNumber": "7f:e5:30:bf:33:13:43:be:dd:82:16:10:49:3d:8a:1b", "signatureAlgorithm": "SHA256-RSA", "subject": { "commonName": "GTS Root R4", "organization": "Google Trust Services LLC", "country": "US" }, "issuer": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "publicKey": { "keySize": "384 bit", "keyAlgorithm": "ECDSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8FhzubeRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019eWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2K\n-----END PUBLIC KEY-----\n" }, "extensions": { "authorityKeyIdentifier": "60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B", "subjectKeyIdentifier": "80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C", "keyUsages": [ "CRL Sign", "Digital Signature", "Certificate Sign" ], "extendedKeyUsages": [ "TLS Web Server Authentication", "TLS Web Client Authentication" ], "crlDistributionPoints": [ "http://c.pki.goog/r/gsr1.crl" ], "authorityInfoAccess": { "issuers": [ "http://i.pki.goog/gsr1.crt" ] }, "certificatePolicies": [ { "policyId": "2.23.140.1.2.1" } ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDejCCAmKgAwIBAgIQf+UwvzMTQ77dghYQST2KGzANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIzMTExNTAzNDMyMVoXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8FhzubeRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019eWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2Ko4H/MIH8MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUgEzW63T/STaj1dj8tT7FavCUHYwwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswNgYIKwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRwOi8vaS5wa2kuZ29vZy9nc3IxLmNydDAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vYy5wa2kuZ29vZy9yL2dzcjEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQAYQrsPBtYDh5bjP2OBDwmkoWhIDDkic574y04tfzHpn+cJodI2D4SseesQ6bDrarZ7C30ddLibZatoKiws3UL9xnELz4ct92vID24FfVbiI1hY+SW6FoVHkNeWIP0GCbaM4C6uVdF5dTUsMVs/ZbzNnIdCp5Gxmx5ejvEau8otR/CskGN+hr/W5GvT1tMBjgWKZ1i4//emhA1JG1BbPzoLJQvyEotc03lXjTaCzv8mEbep8RqZ7a2CPsgRbuvTPBwcOMBBmuFeU88+FSBX6+7iP0il8b4Z0QFqIwwMHfs/L6K1vepuoxtGzi4CZ68zJpiq1UvSqTbFJjtbD4seiMHl\n-----END CERTIFICATE-----\n" }, { "chainOrder": "root", "authenticationType": "self-signed-ca", "validityStartDate": "1998-09-1 12:00:00 UTC", "validityEndDate": "2028-01-28 12:00:00 UTC", "serialNumber": "04:00:00:00:00:01:15:4b:5a:c3:94", "signatureAlgorithm": "SHA1-RSA", "subject": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "issuer": { "commonName": "GlobalSign Root CA", "organization": "GlobalSign nv-sa", "organizationalUnit": "Root CA", "country": "BE" }, "publicKey": { "keySize": "2048 bit", "keyAlgorithm": "RSA", "pemRaw": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuDJWvqSB/xKrC5lREEvfBj0eJnZs8c3c8bSCvujYmOmq8pgGWr6cctEsurHExwB6E9CjDNFY1P+N3UjFAVHO9Q7sQu9/zpUvKRfeBt1TUwjl5Dc/JB6dVq47KJOlY5OG8GPIhpWypNxadUuGyJzJv5PMrl/Yn1EjySeJbW3HRuk0Rh0Y3HRrJ1DoboGYrVbWzVeBaVounICjjr8iQTT3NUkxOFOhu8HjS1iwWMuXeLsdsfIJGrCVNukM57N3S5cEeRIlFjFnmusa5BJgjIGSvRRqpI1mQq14M0/ywqwWwZQ0oHhefTfPYhaO/q8lKff5OQzwIDAQAB\n-----END PUBLIC KEY-----\n" }, "extensions": { "subjectKeyIdentifier": "60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B", "keyUsages": [ "CRL Sign", "Certificate Sign" ] }, "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n" } ], "sslRaw": "\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\nd3:d0:fb:b2:fd:fd:df:88:13:15:42:50:e5:61:20:61\n Signature Algorithm: ecdsa-with-SHA256\n Issuer: C = US, O = Google Trust Services, CN = WE1\n Validity\n Not Before: Jun 22 15:48:19 2024 GMT\n Not After : Sep 20 15:48:18 2024 GMT\n Subject: CN = jfreaks.com\n Subject Public Key Info:\n Public Key Algorithm: id-ecPublicKey\n Public-Key: (256 bit)\n pub:\n 04:72:8e:5e:ff:12:f6:78:46:93:98:0c:9e:fa:80:\n e7:17:81:1f:fc:b6:94:b0:4f:0c:be:d4:e7:6f:91:\n c6:93:61:31:86:f5:75:85:5b:a6:0f:76:20:c4:a4:\n 55:cb:bf:02:43:1e:d2:93:26:a7:5c:bc:16:a9:2f:\n 2f:0d:4f:35:33\n ASN1 OID: prime256v1\n NIST CURVE: P-256\n X509v3 extensions:\n X509v3 Key Usage: critical\n Digital Signature\n X509v3 Extended Key Usage: \n TLS Web Server Authentication\n X509v3 Basic Constraints: critical\n CA:FALSE\n X509v3 Subject Key Identifier: \n 35:CD:98:CA:8C:47:95:95:1F:0B:BC:C2:BD:41:7D:43:D6:46:BC:50\n X509v3 Authority Key Identifier: \n 90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38\n Authority Information Access: \n OCSP - URI:http://o.pki.goog/s/we1/09A\n CA Issuers - URI:http://i.pki.goog/we1.crt\n X509v3 Subject Alternative Name: \n DNS:jfreaks.com, DNS:*.jfreaks.com\n Policy: 2.23.140.1.2.1\n Policy: 2.23.140.1.2.1\n X509v3 CRL Distribution Points: \n Full Name:\n URI:http://c.pki.goog/we1/5RpMhq5ShrY.crl\n CT Precertificate SCTs: \n Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:\n B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74\n Timestamp : Jun 22 16:48:20.315 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:22:E8:57:93:EF:39:36:EF:A8:5A:66:B3:\n 85:74:2B:F0:A7:EC:EC:FB:20:31:44:93:E9:65:DC:7E:\n F8:FD:B9:1A:02:20:1A:1E:DB:9D:DB:51:B2:A1:19:D7:\n 53:23:F2:D3:73:91:5B:F7:7B:9D:3E:BF:F2:B0:62:C8:\n 36:E3:55:38:8C:EB\n Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:\n 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB\n Timestamp : Jun 22 16:48:20.529 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:21:00:FA:0D:93:9F:7F:C8:C3:AF:74:C6:C9:\n F9:FA:B9:B2:1C:42:ED:6B:98:DC:80:54:95:E7:8E:8F:\n 3F:76:AA:48:89:02:20:0D:6F:C4:4C:FF:F5:98:EE:DA:\n 39:56:8C:9A:95:A0:BA:94:48:06:EE:4D:91:AD:65:26:\n 7A:EB:C2:37:E2:A8:61\n Signature Algorithm: ecdsa-with-SHA256\n Signature Value:\n 30:46:02:21:00:bb:a8:e1:b9:1e:05:f0:4a:64:17:4e:87:43:\n 4d:93:83:9e:0a:01:21:c8:33:27:e9:8f:ea:99:b6:77:ab:bf:\n d7:02:21:00:b7:49:6e:8b:88:95:28:33:85:a9:6a:05:ed:13:\n 27:fe:0a:ab:e3:c8:9e:6e:58:c4:98:b7:29:9e:45:5b:96:75\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEco5e/xL2eEaTmAye+oDnF4Ef/LaU\nsE8MvtTnb5HGk2ExhvV1hVumD3YgxKRVy78CQx7SkyanXLwWqS8vDU81Mw==\n-----END PUBLIC KEY-----\nMIIDpTCCA0qgAwIBAgIRANPQ+7L9/d+IExVCUOVhIGEwCgYIKoZIzj0EAwIwOzEL\nMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEMMAoG\nA1UEAxMDV0UxMB4XDTI0MDYyMjE1NDgxOVoXDTI0MDkyMDE1NDgxOFowFjEUMBIG\nA1UEAxMLamZyZWFrcy5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARyjl7/\nEvZ4RpOYDJ76gOcXgR/8tpSwTwy+1OdvkcaTYTGG9XWFW6YPdiDEpFXLvwJDHtKT\nJqdcvBapLy8NTzUzo4ICUjCCAk4wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG\nCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDXNmMqMR5WVHwu8wr1B\nfUPWRrxQMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUF\nBwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvMDlB\nMCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCUGA1UdEQQe\nMByCC2pmcmVha3MuY29tgg0qLmpmcmVha3MuY29tMBMGA1UdIAQMMAowCAYGZ4EM\nAQIBMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jLnBraS5nb29nL3dlMS81UnBN\naHE1U2hyWS5jcmwwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQB2/4g/Crb7lVHC\nYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAZBA2UlbAAAEAwBGMEQCICLoV5PvOTbv\nqFpms4V0K/Cn7Oz7IDFEk+ll3H74/bkaAiAaHtud21GyoRnXUyPy03ORW/d7nT6/\n8rBiyDbjVTiM6wB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAAB\nkEDZSjEAAAQDAEcwRQIhAPoNk59/yMOvdMbJ+fq5shxC7WuY3IBUleeOjz92qkiJ\nAiANb8RM//WY7to5VoyalaC6lEgG7k2RrWUmeuvCN+KoYTAKBggqhkjOPQQDAgNJ\nADBGAiEAu6jhuR4F8EpkF06HQ02Tg54KASHIMyfpj+qZtnerv9cCIQC3SW6LiJUo\nM4WpagXtEyf+CqvjyJ5uWMSYtymeRVuWdQ==\n-----END CERTIFICATE-----\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n7f:f3:19:77:97:2c:22:4a:76:15:5d:13:b6:d6:85:e3\n Signature Algorithm: ecdsa-with-SHA384\n Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R4\n Validity\n Not Before: Dec 13 09:00:00 2023 GMT\n Not After : Feb 20 14:00:00 2029 GMT\n Subject: C = US, O = Google Trust Services, CN = WE1\n Subject Public Key Info:\n Public Key Algorithm: id-ecPublicKey\n Public-Key: (256 bit)\n pub:\n 04:6f:cd:3a:fe:67:57:47:4c:21:03:85:40:c2:47:\n 5d:bb:58:47:0f:40:c1:5c:17:85:c6:19:37:e7:d5:\n 7c:ed:86:4b:9b:81:d9:d7:1a:13:a5:0a:03:f8:98:\n c4:c6:e8:9e:ff:10:59:8f:2c:26:98:f5:e6:26:25:\n bb:0f:02:fa:56\n ASN1 OID: prime256v1\n NIST CURVE: P-256\n X509v3 extensions:\n X509v3 Key Usage: critical\n Digital Signature, Certificate Sign, CRL Sign\n X509v3 Extended Key Usage: \n TLS Web Server Authentication, TLS Web Client Authentication\n X509v3 Basic Constraints: critical\n CA:TRUE, pathlen:0\n X509v3 Subject Key Identifier: \n 90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38\n X509v3 Authority Key Identifier: \n 80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C\n Authority Information Access: \n CA Issuers - URI:http://i.pki.goog/r4.crt\n X509v3 CRL Distribution Points: \n Full Name:\n URI:http://c.pki.goog/r/r4.crl\n Policy: 2.23.140.1.2.1\n Policy: 2.23.140.1.2.1\n Signature Algorithm: ecdsa-with-SHA384\n Signature Value:\n 30:65:02:31:00:e7:02:ab:51:d6:f7:43:95:ce:75:fe:d1:11:\n 94:d5:cc:40:41:7a:26:be:d8:0c:f3:32:2d:3d:90:ae:15:0f:\n 23:48:12:52:8f:3e:64:79:13:af:f5:a6:2c:02:6e:55:b1:02:\n 30:26:89:cc:68:01:62:e7:89:ab:7e:17:e8:14:d6:44:7e:e3:\n 4c:49:0e:bf:6c:80:62:34:b8:b2:a1:7e:3a:16:88:50:bc:a7:\n 88:a0:9f:7d:73:1e:ec:52:41:4d:ee:e2:56\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEb806/mdXR0whA4VAwkddu1hHD0DB\nXBeFxhk359V87YZLm4HZ1xoTpQoD+JjExuie/xBZjywmmPXmJiW7DwL6Vg==\n-----END PUBLIC KEY-----\nMIICnzCCAiWgAwIBAgIQf/MZd5csIkp2FV0TttaF4zAKBggqhkjOPQQDAzBHMQsw\nCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\nMBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQw\nMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZp\nY2VzMQwwCgYDVQQDEwNXRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARvzTr+\nZ1dHTCEDhUDCR127WEcPQMFcF4XGGTfn1XzthkubgdnXGhOlCgP4mMTG6J7/EFmP\nLCaY9eYmJbsPAvpWo4H+MIH7MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggr\nBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU\nkHeSNWfE/6jMqeZ72YB5e8yT+TgwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7F\navCUHYwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAChhhodHRwOi8vaS5wa2ku\nZ29vZy9yNC5jcnQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2MucGtpLmdvb2cv\nci9yNC5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaAAwZQIx\nAOcCq1HW90OVznX+0RGU1cxAQXomvtgM8zItPZCuFQ8jSBJSjz5keROv9aYsAm5V\nsQIwJonMaAFi54mrfhfoFNZEfuNMSQ6/bIBiNLiyoX46FohQvKeIoJ99cx7sUkFN\n7uJW\n-----END CERTIFICATE-----\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n7f:e5:30:bf:33:13:43:be:dd:82:16:10:49:3d:8a:1b\n Signature Algorithm: sha256WithRSAEncryption\n Issuer: C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA\n Validity\n Not Before: Nov 15 03:43:21 2023 GMT\n Not After : Jan 28 00:00:42 2028 GMT\n Subject: C = US, O = Google Trust Services LLC, CN = GTS Root R4\n Subject Public Key Info:\n Public Key Algorithm: id-ecPublicKey\n Public-Key: (384 bit)\n pub:\n 04:f3:74:73:a7:68:8b:60:ae:43:b8:35:c5:81:30:\n 7b:4b:49:9d:fb:c1:61:ce:e6:de:46:bd:6b:d5:61:\n 18:35:ae:40:dd:73:f7:89:91:30:5a:eb:3c:ee:85:\n 7c:a2:40:76:3b:a9:c6:b8:47:d8:2a:e7:92:91:6a:\n 73:e9:b1:72:39:9f:29:9f:a2:98:d3:5f:5e:58:86:\n 65:0f:a1:84:65:06:d1:dc:8b:c9:c7:73:c8:8c:6a:\n 2f:e5:c4:ab:d1:1d:8a\n ASN1 OID: secp384r1\n NIST CURVE: P-384\n X509v3 extensions:\n X509v3 Key Usage: critical\n Digital Signature, Certificate Sign, CRL Sign\n X509v3 Extended Key Usage: \n TLS Web Server Authentication, TLS Web Client Authentication\n X509v3 Basic Constraints: critical\n CA:TRUE\n X509v3 Subject Key Identifier: \n 80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C\n X509v3 Authority Key Identifier: \n 60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B\n Authority Information Access: \n CA Issuers - URI:http://i.pki.goog/gsr1.crt\n X509v3 CRL Distribution Points: \n Full Name:\n URI:http://c.pki.goog/r/gsr1.crl\n Policy: 2.23.140.1.2.1\n Policy: 2.23.140.1.2.1\n Signature Algorithm: sha256WithRSAEncryption\n Signature Value:\n 18:42:bb:0f:06:d6:03:87:96:e3:3f:63:81:0f:09:a4:a1:68:\n 48:0c:39:22:73:9e:f8:cb:4e:2d:7f:31:e9:9f:e7:09:a1:d2:\n 36:0f:84:ac:79:eb:10:e9:b0:eb:6a:b6:7b:0b:7d:1d:74:b8:\n 9b:65:ab:68:2a:2c:2c:dd:42:fd:c6:71:0b:cf:87:2d:f7:6b:\n c8:0f:6e:05:7d:56:e2:23:58:58:f9:25:ba:16:85:47:90:d7:\n 96:20:fd:06:09:b6:8c:e0:2e:ae:55:d1:79:75:35:2c:31:5b:\n 3f:65:bc:cd:9c:87:42:a7:91:b1:9b:1e:5e:8e:f1:1a:bb:ca:\n 2d:47:f0:ac:90:63:7e:86:bf:d6:e4:6b:d3:d6:d3:01:8e:05:\n 8a:67:58:b8:ff:f7:a6:84:0d:49:1b:50:5b:3f:3a:0b:25:0b:\n f2:12:8b:5c:d3:79:57:8d:36:82:ce:ff:26:11:b7:a9:f1:1a:\n 99:ed:ad:82:3e:c8:11:6e:eb:d3:3c:1c:1c:38:c0:41:9a:e1:\n 5e:53:cf:3e:15:20:57:eb:ee:e2:3f:48:a5:f1:be:19:d1:01:\n 6a:23:0c:0c:1d:fb:3f:2f:a2:b5:bd:ea:6e:a3:1b:46:ce:2e:\n 02:67:af:33:26:98:aa:d5:4b:d2:a9:36:c5:26:3b:5b:0f:8b:\n 1e:88:c1:e5\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8Fhzube\nRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019e\nWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2K\n-----END PUBLIC KEY-----\nMIIDejCCAmKgAwIBAgIQf+UwvzMTQ77dghYQST2KGzANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\nCxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIzMTEx\nNTAzNDMyMVoXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\nGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8Fhzube\nRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019e\nWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2Ko4H/MIH8MA4GA1UdDwEB/wQEAwIBhjAd\nBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAd\nBgNVHQ4EFgQUgEzW63T/STaj1dj8tT7FavCUHYwwHwYDVR0jBBgwFoAUYHtmGkUN\nl8qJUC99BM00qP/8/UswNgYIKwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRw\nOi8vaS5wa2kuZ29vZy9nc3IxLmNydDAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8v\nYy5wa2kuZ29vZy9yL2dzcjEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqG\nSIb3DQEBCwUAA4IBAQAYQrsPBtYDh5bjP2OBDwmkoWhIDDkic574y04tfzHpn+cJ\nodI2D4SseesQ6bDrarZ7C30ddLibZatoKiws3UL9xnELz4ct92vID24FfVbiI1hY\n+SW6FoVHkNeWIP0GCbaM4C6uVdF5dTUsMVs/ZbzNnIdCp5Gxmx5ejvEau8otR/Cs\nkGN+hr/W5GvT1tMBjgWKZ1i4//emhA1JG1BbPzoLJQvyEotc03lXjTaCzv8mEbep\n8RqZ7a2CPsgRbuvTPBwcOMBBmuFeU88+FSBX6+7iP0il8b4Z0QFqIwwMHfs/L6K1\nvepuoxtGzi4CZ68zJpiq1UvSqTbFJjtbD4seiMHl\n-----END CERTIFICATE-----\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n04:00:00:00:00:01:15:4b:5a:c3:94\n Signature Algorithm: sha1WithRSAEncryption\n Issuer: C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA\n Validity\n Not Before: Sep 1 12:00:00 1998 GMT\n Not After : Jan 28 12:00:00 2028 GMT\n Subject: C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n Public-Key: (2048 bit)\n Modulus:\n 00:da:0e:e6:99:8d:ce:a3:e3:4f:8a:7e:fb:f1:8b:\n 83:25:6b:ea:48:1f:f1:2a:b0:b9:95:11:04:bd:f0:\n 63:d1:e2:67:66:cf:1c:dd:cf:1b:48:2b:ee:8d:89:\n 8e:9a:af:29:80:65:ab:e9:c7:2d:12:cb:ab:1c:4c:\n 70:07:a1:3d:0a:30:cd:15:8d:4f:f8:dd:d4:8c:50:\n 15:1c:ef:50:ee:c4:2e:f7:fc:e9:52:f2:91:7d:e0:\n 6d:d5:35:30:8e:5e:43:73:f2:41:e9:d5:6a:e3:b2:\n 89:3a:56:39:38:6f:06:3c:88:69:5b:2a:4d:c5:a7:\n 54:b8:6c:89:cc:9b:f9:3c:ca:e5:fd:89:f5:12:3c:\n 92:78:96:d6:dc:74:6e:93:44:61:d1:8d:c7:46:b2:\n 75:0e:86:e8:19:8a:d5:6d:6c:d5:78:16:95:a2:e9:\n c8:0a:38:eb:f2:24:13:4f:73:54:93:13:85:3a:1b:\n bc:1e:34:b5:8b:05:8c:b9:77:8b:b1:db:1f:20:91:\n ab:09:53:6e:90:ce:7b:37:74:b9:70:47:91:22:51:\n 63:16:79:ae:b1:ae:41:26:08:c8:19:2b:d1:46:aa:\n 48:d6:64:2a:d7:83:34:ff:2c:2a:c1:6c:19:43:4a:\n 07:85:e7:d3:7c:f6:21:68:ef:ea:f2:52:9f:7f:93:\n 90:cf\n Exponent: 65537 (0x10001)\n X509v3 extensions:\n X509v3 Key Usage: critical\n Certificate Sign, CRL Sign\n X509v3 Basic Constraints: critical\n CA:TRUE\n X509v3 Subject Key Identifier: \n 60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B\n Signature Algorithm: sha1WithRSAEncryption\n Signature Value:\n d6:73:e7:7c:4f:76:d0:8d:bf:ec:ba:a2:be:34:c5:28:32:b5:\n 7c:fc:6c:9c:2c:2b:bd:09:9e:53:bf:6b:5e:aa:11:48:b6:e5:\n 08:a3:b3:ca:3d:61:4d:d3:46:09:b3:3e:c3:a0:e3:63:55:1b:\n f2:ba:ef:ad:39:e1:43:b9:38:a3:e6:2f:8a:26:3b:ef:a0:50:\n 56:f9:c6:0a:fd:38:cd:c4:0b:70:51:94:97:98:04:df:c3:5f:\n 94:d5:15:c9:14:41:9c:c4:5d:75:64:15:0d:ff:55:30:ec:86:\n 8f:ff:0d:ef:2c:b9:63:46:f6:aa:fc:df:bc:69:fd:2e:12:48:\n 64:9a:e0:95:f0:a6:ef:29:8f:01:b1:15:b5:0c:1d:a5:fe:69:\n 2c:69:24:78:1e:b3:a7:1c:71:62:ee:ca:c8:97:ac:17:5d:8a:\n c2:f8:47:86:6e:2a:c4:56:31:95:d0:67:89:85:2b:f9:6c:a6:\n 5d:46:9d:0c:aa:82:e4:99:51:dd:70:b7:db:56:3d:61:e4:6a:\n e1:5c:d6:f6:fe:3d:de:41:cc:07:ae:63:52:bf:53:53:f4:2b:\n e9:c7:fd:b6:f7:82:5f:85:d2:41:18:db:81:b3:04:1c:c5:1f:\n a4:80:6f:15:20:c9:de:0c:88:0a:1d:d6:66:55:e2:fc:48:c9:\n 29:26:69:e0\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuD\nJWvqSB/xKrC5lREEvfBj0eJnZs8c3c8bSCvujYmOmq8pgGWr6cctEsurHExwB6E9\nCjDNFY1P+N3UjFAVHO9Q7sQu9/zpUvKRfeBt1TUwjl5Dc/JB6dVq47KJOlY5OG8G\nPIhpWypNxadUuGyJzJv5PMrl/Yn1EjySeJbW3HRuk0Rh0Y3HRrJ1DoboGYrVbWzV\neBaVounICjjr8iQTT3NUkxOFOhu8HjS1iwWMuXeLsdsfIJGrCVNukM57N3S5cEeR\nIlFjFnmusa5BJgjIGSvRRqpI1mQq14M0/ywqwWwZQ0oHhefTfPYhaO/q8lKff5OQ\nzwIDAQAB\n-----END PUBLIC KEY-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----" }curl --location 'https://api.apifreaks.com/v1.0/domain/ssl/live/chain?sslRaw=true&domainName=jfreaks.com&apiKey=API-KEY'
Pricing
To perform an SSL certificate lookup through the API, you will need API credits. Credits are only deducted for successful queries, defined by a 2xx status code. If a request results in a 4xx or 5xx status code, no credits will be deducted, and any credits already charged will be refunded.
- SSL Certificate Lookup: For each successful request without the certificate chain, 16 credits will be charged.
- SSL Certificate Chain Lookup: For each successfully retrieved certificate in the chain, 8 credits will be charged. To use the SSL certificate chain lookup feature, you must have a minimum of 32 credits available in your plan.
Utilize the Credits Usage API to efficiently monitor your recent consumption of both one-off and subscription credits. This API provides a streamlined way to track and manage your credit usage, ensuring you stay informed about your remaining balance and can optimize your resource allocation effectively.