## page was renamed from CertApi
This is the current API to CAcert:

[[Software | Software ]]

== Certificate issuing ==

This interface can be used to issue new personal client certificates NOT server sertificates or organisation certificates:
The interface is made available through a single HTTPS call.

Parameters:
||URL||https://www.cacert.org/api/ccsr.php||
||Action||can be POST or GET ($_REQUEST), POST is recommended||
||username||username of the account that is used to issue the certificate||
||password||password of the account that is used to issue the certificate||
||email[0]||First email address for the certificate||
||email[1]||Second email address for the certificate (and [2], [3] etc.)||
||name||the name which should go into the certificate (Firstname Lastname or Firstname Middlename Lastname)||
||codesign||1 or 0, whether it should be a codesigning certificate or not||
||optionalCSR||The client CSR, which despite the name is a required parameter||

Example:
{{{
https://www.cacert.org/api/ccsr.php?username=user@example.org&password=secret&email[0]=user@domain.org&name=Mr.%20Mueller&codesign=0
}}}

This interface is currently lacking the possiblity to select the root certificate (class1/class3). If you need this feature, please contact us.

== Account status interface ==

This interfaces tells you the email addresses that are verified in the account, the names of the person of the account, and whether the account is permitted to issue CodeSigning(CS) certificates or not.

Parameters:
||URL||https://www.cacert.org/api/cemails.php||
||Action||can be POST or GET ($_REQUEST)||
||username||username of the account that is used to issue the certificate||
||password||password of the account that is used to issue the certificate||

Request example:
{{{
https://www.cacert.org/api/cemails.php?username=john@doe.com&password=johnny
}}}

Returns:
{{{
200,Authentication Ok
CS=0
NAME=CAcert WoT User
NAME=John Doe
NAME=JOhn M. Doe
EMAIL=john@doe.com
EMAIL=john@super.com
EMAIL=j@doe.au
}}}
John Doe can not issue code-signing certificates, he can choose between the three names, and can include any of the 3 email addresses in the certificate.


== Future API ideas ==

We have collected several ideas for additional interfaces:<<BR>>
http://wiki.cacert.org/Software/IntegrationInterface <<BR>>
http://wiki.cacert.org/Software/VendorAPI