Newcertbro for Linux

Open-source CLI for TLS automation, DNS DCV, and unattended renewals.

Explore certbro
regfish
HostingWordPress
Email
Reference
v1.6.2
Download OpenAPI
YAMLJSON
TLS API
Automate your certificate lifecycle
Modern TLS automation The regfish TLS API lets you order, validate, renew, and manage certificates centrally and efficiently. Build a workflow that handles short lifetimes with confidence and keeps your certificate operations under control.

API reference

All operations are sourced from the contract and enriched with request and response examples.

Certificates

GET/tls/certificate
List TLS certificates
List TLS certificates in the current account.
POST/tls/certificate
Order or renew TLS certificate
Create a new TLS certificate order or renew an existing certificate. When `renewal_of_certificate_id` is set, `validity_days` still describes the purchased base term. If the provider accepts the renewal, any remaining validity from the previous certificate may be added after issuance. OV and EV-style products can return `action_required=true` together with a `completion_url` when additional organization or validation details are needed before submission.
GET/tls/certificate/:certificate_id
Get TLS certificate
Retrieve a single TLS certificate including staged/action-required state, validation details, and provider metadata.
POST/tls/certificate/:certificate_id/complete
Complete staged TLS certificate order
Complete an action-required TLS certificate order by binding it to an existing usable DigiCert organization and submitting the provider order.
GET/tls/certificate/:certificate_id/download/:format
Download TLS certificate
Download the issued TLS certificate either as PEM text or as a ZIP bundle.
POST/tls/certificate/:certificate_id/reissue
Reissue TLS certificate
Reissue an already issued or certificate-revoked TLS certificate with a new CSR while keeping the same order. Optionally, `validity_days` can request a shorter replacement certificate lifetime, but the CA only supports that for eligible multi-year plan orders and never beyond the remaining order contract.
POST/tls/certificate/:certificate_id/cancel
Cancel TLS certificate order
Cancel a pending TLS certificate order. Use `/tls/certificate/{certificate_id}/order-cancel` when an already issued order should be revoked in full.
POST/tls/certificate/:certificate_id/order-cancel
Cancel or revoke TLS certificate order
Cancel a not-yet-issued order before issuance, or revoke the complete issued order within the first 7 days after ordering. A full revocation invalidates all certificate versions on that order and prevents further reissue.
POST/tls/certificate/:certificate_id/revoke
Revoke TLS certificate
Revoke only the currently selected TLS certificate while keeping the order available for later reissue.

Organizations

GET/tls/organization
List TLS organizations
List TLS organizations that can be used for OV and EV certificate orders, including readiness information.
POST/tls/organization
Create TLS organization
Create a DigiCert-backed TLS organization including the local contact record used for OV or EV certificate ordering.
GET/tls/organization/:organization_id
Get TLS organization
Retrieve a single DigiCert-backed TLS organization by its public organization id.
PATCH/tls/organization/:organization_id
Update TLS organization
Update the local TLS organization contact data used for readiness checks and order completion.

Products

GET/tls/products
List TLS products
List available TLS certificate products together with the current account pricing.
Example: order TLS certificate
POST
curl --request POST \
  --url 'https://api.regfish.com/tls/certificate' \
  --header 'x-api-key: YOUR_API_KEY' \
  --header 'content-type: application/json' \
  --data '{
  "sku": "RapidSSL",
  "common_name": "www.example.com",
  "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIIC...\n-----END CERTIFICATE REQUEST-----",
  "dcv_method": "email",
  "validity_days": 199
}'
Example: fetch certificate status
GET
curl --request GET \
  --url 'https://api.regfish.com/tls/certificate/1' \
  --header 'x-api-key: YOUR_API_KEY'
Example: download certificate as PEM
GET
curl --request GET \
  --url 'https://api.regfish.com/tls/certificate/1/download/pem' \
  --header 'x-api-key: YOUR_API_KEY'
Example: revoke certificate
POST
curl --request POST \
  --url 'https://api.regfish.com/tls/certificate/1/revoke' \
  --header 'x-api-key: YOUR_API_KEY' \
  --header 'content-type: application/json' \
  --data '{
  "comment": "key compromise confirmed",
  "revocation_reason": "key_compromise"
}'
Continue with certbro
New

certbro for Linux

If you want to move from the TLS API to operable Linux automation faster, certbro is the direct next step.

Open-source CLI for TLS automation, DNS DCV, and unattended renewals.

Explore certbro
Automate certificate workflows

From order to revocation. The regfish TLS API covers common certificate workflows in a scriptable flow: ordering, status checks, downloads, and revocations can be integrated directly into internal processes and deployments.

The examples below show production-oriented calls for certificate lifecycle management so you can build repeatable operations for shorter lifetimes.

GitHub repositoryCreate account
Community

Become part of the community

The Regfish DNS API is a great solution for developers who want to automate domains and DNS zones. Become part of the community and benefit from DNS automation. The DNS API is available free of charge to every Regfish customer.

More free features
regfish
regfish
Company
Hosting
Domains
Features
Resources
Company
© 2002-2026 regfish GmbH. Regfish is a registered trademark of regfish GmbH. All prices include VAT. No guarantee for completeness. Our Terms and Conditions.
Cart
 
Total
€0.00
All prices include VAT.
We use cookies to provide the best possible experience. Choose your preferences for cookie usage. Privacy policy