This is the current API to CAcert:
Certificate issuing
This interface can be used to issue new personal client certificates NOT server sertificates or organisation certificates: The interface is made available through a single HTTPS call.
Parameters:
URL |
|
Action |
can be POST or GET ($_REQUEST), POST is recommended |
username |
username of the account that is used to issue the certificate |
password |
password of the account that is used to issue the certificate |
email[0] |
First email address for the certificate |
email[1] |
Second email address for the certificate (and [2], [3] etc.) |
name |
the name which should go into the certificate (Firstname Lastname or Firstname Middlename Lastname) |
codesign |
1 or 0, whether it should be a codesigning certificate or not |
optionalCSR |
The client CSR, which despite the name is a required parameter |
Example:
https://www.cacert.org/api/ccsr.php?username=user@example.org&password=secret&email[0]=user@domain.org&name=Mr.%20Mueller&codesign=0
This interface is currently lacking the possiblity to select the root certificate (class1/class3). If you need this feature, please contact us.
Account status interface
This interfaces tells you the email addresses that are verified in the account, the names of the person of the account, and whether the account is permitted to issue CodeSigning(CS) certificates or not.
Parameters:
URL |
|
Action |
can be POST or GET ($_REQUEST) |
username |
username of the account that is used to issue the certificate |
password |
password of the account that is used to issue the certificate |
Request example:
https://www.cacert.org/api/cemails.php?username=john@doe.com&password=johnny
Returns:
200,Authentication Ok CS=0 NAME=CAcert WoT User NAME=John Doe NAME=JOhn M. Doe EMAIL=john@doe.com EMAIL=john@super.com EMAIL=j@doe.au
John Doe can not issue code-signing certificates, he can choose between the three names, and can include any of the 3 email addresses in the certificate.
Future API ideas
We have collected several ideas for additional interfaces:
http://wiki.cacert.org/Software/IntegrationInterface
http://wiki.cacert.org/Software/VendorAPI