Link11 WAAP
v5
v5
  • Link11 WAAP Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Link11 WAAP
  • How Link11 WAAP Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Authenticate mobile app users
      • Ban, unban, and allowlist traffic sources
      • Bypass Link11 WAAP for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Enable mTLS (mutual TLS)
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Link11 WAAP API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / LWCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Reference Information
  2. API
  3. Namespace reference

Certificates

PreviousBackend ServicesNextConfigs

Last updated 2 months ago

Was this helpful?

List Certificates

get

Get a list of the planet's certificates for a configuration

Path parameters
configstringRequired
Responses
200
Certificates were retrieved successfully
application/json
500
Internal Server Error
application/json
get
GET /api/v4.0/conf/{config}/certificates HTTP/1.1
Host: 
Accept: */*
{
  "total": 1,
  "items": [
    {
      "cert_body": "text",
      "expires": "2025-05-17",
      "id": "text",
      "issuer": "text",
      "le_auto_renew": true,
      "le_auto_replace": true,
      "le_hash": "",
      "private_key": "text",
      "san": [
        "text"
      ],
      "subject": "text",
      "uploaded": "2025-05-17T17:46:33.038Z",
      "revoked": false,
      "crl": [
        "text"
      ],
      "cdp": [
        "text"
      ],
      "side": "server"
    }
  ]
}

Get Certificate

get

Get a specific Certificate for a configuration

Path parameters
configstringRequired
entry_idstringRequired
Responses
200
Certificate was retrieved successfully
application/json
422
Validation Error
application/json
500
Internal Server Error
application/json
get
GET /api/v4.0/conf/{config}/certificates/{entry_id} HTTP/1.1
Host: 
Accept: */*
{
  "links": [
    {
      "link": "text",
      "provider": "text",
      "region": "text"
    }
  ],
  "cert_body": "text",
  "expires": "2025-05-17",
  "id": "text",
  "issuer": "text",
  "le_auto_renew": true,
  "le_auto_replace": true,
  "le_hash": "",
  "private_key": "text",
  "san": [
    "text"
  ],
  "subject": "text",
  "uploaded": "2025-05-17T17:46:33.038Z",
  "revoked": false,
  "crl": [
    "text"
  ],
  "cdp": [
    "text"
  ],
  "side": "server"
}

Modify Certificate

put

Change settings for a specific certificate. ("le_" parameters refer to Let's Encrypt.)

Path parameters
configstringRequired
entry_idstringRequired
Query parameters
le_auto_renewbooleanOptionalDefault: true
le_auto_replacebooleanOptionalDefault: true
replace_cert_idstringOptional
Responses
200
Certificate modified successfully
422
Validation Error
application/json
put
PUT /api/v4.0/conf/{config}/certificates/{entry_id} HTTP/1.1
Host: 
Accept: */*

No content

Delete Certificate

delete

Delete an individual Certificate from the specified configuration

Path parameters
configstringRequired
entry_idstringRequired
Responses
200
Certificate deleted successfully
400
Input Error
application/json
422
Validation Error
application/json
500
Internal Server Error
application/json
delete
DELETE /api/v4.0/conf/{config}/certificates/{entry_id} HTTP/1.1
Host: 
Accept: */*

No content

Get Certificate PEM

get
Path parameters
configstringRequired
entry_idstringRequired
Responses
200
Certificate's PEM retrieved successfully
application/x-pem-file
Responsestring · binary
400
Input Error
application/json
422
Validation Error
application/json
500
Internal Server Error
application/json
get
GET /api/v4.0/conf/{config}/certificates/{entry_id}/pem HTTP/1.1
Host: 
Accept: */*
binary

Get Certificate PFX

get
Path parameters
configstringRequired
entry_idstringRequired
Responses
200
Certificate's PFX retrieved successfully
application/json
Responsestring · binary
400
Input Error
application/json
422
Validation Error
application/json
500
Internal Server Error
application/json
get
GET /api/v4.0/conf/{config}/certificates/{entry_id}/pfx HTTP/1.1
Host: 
Accept: */*
binary
  • GETList Certificates
  • GETGet Certificate
  • PUTModify Certificate
  • POSTAdd Certificate
  • DELETEDelete Certificate
  • GETGet Certificate PEM
  • GETGet Certificate PFX

Add Certificate

post

Create new certificate for a specific list of domains. Generate new certificate or upload existing one based on input parameters. "le_" parameters refer to Let's Encrypt.

Path parameters
configstringRequired
entry_idstringRequiredPattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)
Query parameters
domainsstring[]OptionalDefault: []
Body
all ofOptionalDefault: {"id":"","le_auto_renew":true,"le_auto_replace":true,"le_hash":"","provider_links":[]}
Responses
201
Certificate created
application/json
422
Validation Error
application/json
post
POST /api/v4.0/conf/{config}/certificates/{entry_id} HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 350

{
  "provider_links": [
    {
      "link": "text",
      "provider": "text",
      "region": "text"
    }
  ],
  "cert_body": "text",
  "expires": "2025-05-17",
  "id": "text",
  "issuer": "text",
  "le_auto_renew": true,
  "le_auto_replace": true,
  "le_hash": "",
  "private_key": "text",
  "san": [
    "text"
  ],
  "subject": "text",
  "uploaded": "2025-05-17T17:46:33.038Z",
  "revoked": false,
  "crl": [
    "text"
  ],
  "cdp": [
    "text"
  ],
  "side": "server"
}
{
  "message": "Successfully created entry"
}