© 2002-2026 regfish GmbH. Regfish is a registered trademark of regfish GmbH. All prices include VAT. No guarantee for completeness. Our Terms and Conditions.
POST
/tls/certificate
TLSCertificates
Authentication
Request body
TLS certificate order payload
tlsCertificateRequesttlsCertificateRequest
{
"sku": "RapidSSL",
"common_name": "www.example.com",
"csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIIC...\n-----END CERTIFICATE REQUEST-----",
"dcv_method": "dns-cname-token"
}Fields
Name
Type
Format
Required
Description
sku
string
—
Required
regfish TLS certificate product identifier.
common_name
string
—
Required
Fully Qualified Domain Name.
dns_names
array<string>
—
Optional
—
csr
string
—
Required
PEM encoded certificate signing request (CSR).
dcv_method
string
—
Required
—
dcv_emails
array<string>
—
Optional
—
org_id
string
—
Optional
Public TLS organization ID
renewal_of_certificate_id
string
—
Optional
Public TLS certificate ID
validity_days
integer
—
Optional
Purchased base order validity in days. For renewal orders this value is not reduced by any expected remaining-validity bonus from the previous certificate. If the provider credits remaining validity, the issued certificate may end up with a longer effective lifetime than this value.
Request example
POST
curl --request POST \
--url 'https://api.regfish.com/tls/certificate' \
--header 'x-api-key: YOUR_API_KEY' \
--header 'content-type: application/json' \
--data '{
"sku": "RapidSSL",
"common_name": "www.example.com",
"csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIIC...\n-----END CERTIFICATE REQUEST-----",
"dcv_method": "dns-cname-token"
}'Responses
200
TLS certificate order created
Response example 200
{
"success": true,
"code": 0,
"response": {
"id": "ABCDEFGHJKM23",
"status": "pending",
"common_name": "example.com",
"product": "RapidSSL",
"provider": "digicert",
"dns_names": [
"www.example.com"
],
"order_state": "PENDING",
"action_required": false,
"pending_reason": "validation_pending",
"pending_message": "The TLS certificate order is waiting for domain validation.",
"completion_url": "",
"organization_id": null,
"validity_days": 199,
"certificate_pem_available": false,
"validation": {
"method": "dns-cname-token",
"dns_records": [
{
"name": "_dnsauth.example.com.",
"type": "CNAME",
"value": "0123456789abcdef.dcv.digicert.com."
}
]
}
}
}400
Invalid request payload, TLS product, or CSR
Response example 400
{
"success": false,
"message": "Invalid request payload, TLS product, or CSR",
"error": "Invalid request payload, TLS product, or CSR"
}401
Unauthorized
Response example 401
{
"success": false,
"message": "Unauthorized",
"error": "Unauthorized"
}404
Renewal source TLS certificate not found
Response example 404
{
"success": false,
"message": "Renewal source TLS certificate not found",
"error": "Renewal source TLS certificate not found"
}409
The TLS certificate order cannot be submitted in its current state, for example because the renewal is invalid or a usable CA organization is missing
Response example 409
{
"success": false,
"message": "The TLS certificate order cannot be submitted in its current state, for example because the renewal is invalid or a usable CA organization is missing",
"error": "The TLS certificate order cannot be submitted in its current state, for example because the renewal is invalid or a usable CA organization is missing"
}500
Unexpected error
Response example 500
{
"success": false,
"message": "Unexpected error",
"error": "Unexpected error"
}502
Upstream TLS provider error
Response example 502
{
"success": false,
"message": "Upstream TLS provider error",
"error": "Upstream TLS provider error"
}