SSL Certificates
SSL Certificates API
Manage SSL certificates for domains and subdomains, including Let's Encrypt issuance, custom cert upload, and auto-renewal.
Roles: All authenticated users manage their own certificates. Admin sees all.
Domain SSL
Get SSL Status
GET /api/v1/domains/{name}/ssl
Response:
{
"domain": "example.com",
"owner": "john",
"enabled": true,
"issuer": "Let's Encrypt",
"subject": "CN=example.com",
"not_before": "2026-01-01T00:00:00Z",
"not_after": "2026-04-01T00:00:00Z",
"auto_renew": true,
"cert_path": "/etc/letsencrypt/live/example.com/fullchain.pem",
"key_path": "/etc/letsencrypt/live/example.com/privkey.pem"
}
Issue SSL Certificate
POST /api/v1/domains/{name}/ssl/issue
{
"type": "letsencrypt",
"include_www": true
}
type options: "letsencrypt", "selfsigned"
include_www: null = auto (main domains only), true = always, false = never
Upload Custom Certificate
POST /api/v1/domains/{name}/ssl/upload
{
"certificate": "-----BEGIN CERTIFICATE-----\n...",
"private_key": "-----BEGIN PRIVATE KEY-----\n...",
"ca_bundle": "-----BEGIN CERTIFICATE-----\n..."
}
Renew Certificate
POST /api/v1/domains/{name}/ssl/renew
Remove Certificate
DELETE /api/v1/domains/{name}/ssl
Toggle Auto-Renew
PUT /api/v1/domains/{name}/ssl/auto-renew
{ "auto_renew": true }
Toggle Force HTTPS
PUT /api/v1/domains/{name}/ssl/force-https
{ "force_https": true }
Global SSL Management
List All Certificates
GET /api/v1/ssl
Issue Certificate (standalone)
POST /api/v1/ssl/issue
{
"domain": "example.com",
"type": "letsencrypt",
"include_www": null
}
Upload Certificate (standalone)
POST /api/v1/ssl/upload
Renew by ID
POST /api/v1/ssl/{id}/renew
Toggle Auto-Renew by ID
PUT /api/v1/ssl/{id}/auto-renew
Delete by ID
DELETE /api/v1/ssl/{id}
Issue Wildcard Certificate
POST /api/v1/ssl/{domain}/wildcard
Get SSL Status Summary
GET /api/v1/ssl/status
Get Expiring Certificates
GET /api/v1/ssl/expiring
Query: ?days=30 (default: 30 days)
CSR (Certificate Signing Request)
Generate CSR
POST /api/v1/ssl/csr/generate
{
"domain": "example.com",
"country": "US",
"state": "California",
"city": "San Francisco",
"organization": "My Company",
"org_unit": "IT",
"email": "[email protected]"
}
Get CSR
GET /api/v1/ssl/csr/{domain}
Install Cert for CSR
POST /api/v1/ssl/csr/{domain}/install
{
"certificate": "-----BEGIN CERTIFICATE-----\n...",
"ca_bundle": "-----BEGIN CERTIFICATE-----\n..."
}
Delete CSR
DELETE /api/v1/ssl/csr/{domain}
ACME Providers
GET /api/v1/ssl/acme/providers
POST /api/v1/ssl/acme/issue
Issue:
{
"domain": "example.com",
"provider": "letsencrypt",
"include_www": true
}
Best-Match Certificate
GET /api/v1/ssl/best-match/{domain}
POST /api/v1/ssl/best-match/{domain}/apply
GET /api/v1/ssl/available/{domain}
SSL Settings (Admin Only)
GET /api/v1/ssl/settings
PUT /api/v1/ssl/settings
{
"default_provider": "letsencrypt",
"auto_renew_days_before": 30,
"auto_renew_enabled": true
}
GET /api/v1/ssl/renewal-status
POST /api/v1/ssl/renewal-trigger