Web Analytics

Automatically Generate Unique IoT Device Certificates Using Pre-validated Domains

Step 1

Create an account at SSL.com through this link: https://secure.ssl.com/users/new

Go to top

Step 2

Pre-validate a domain. Using your SSL.com account portal, it is possible to pre-validate a domain name before ordering certificates. Domain validation is scoped to teams, so any team member can order certificates for a pre-validated domain. Instructions can be found here: https://www.ssl.com/how-to/domain-name-ssl-tls-pre-validation/

Go to top


Step 3

Refer to this command line: 

curl -k -H "Accept: application/json" -H "Content-type: application/json" -X POST -d "{\"account_key\":\"[REDACTED]\",\"secret_key\":\"[REDACTED]\",\"product\":\"104\",\"period\":\"90\",\"domains\":[\"d-123456.commscope.com\"],\"csr\":\"-----BEGIN CERTIFICATE REQUEST-----\nMIIClDCCAX4CAQAwITEfMB0GA1UEAwwWZC0xMjM0NTYuY29tbXNjb3BlLmNvbTCC\r\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMRLNHVwAljJFFlHWFSOSlLq\r\nKCtAKPmgTMucCMfZ23xwbjGfT7jvz66otJHyKC/ZNVDNew0w37+3aFEbNP4ziW6A\r\neHlI3RT/hZnGvnw70dJ2/7ENyTBInD0R7vd2BUfxhqJtEr68D5YTtl4V+0q0efSm\r\nsl7chMPZ49nHWmJNGRwM/rQdKL7j7x83aRNqzPTRVNUJE1r0MsCvFG0yqR3TpXX1\r\nwFnEFYk/Oo4dJaieCtGALr6dyNfb/UyV6gCIwlkotCZOVnf4CFvy2a8Oe16Nt2nj\r\nwWQKAbOSDk1DL4G5RytMfzpWsh9B6LOunYYW/lhqrT0lqTInQxMj5ypuLt+JcBsC\r\nAwEAAaAwMC4GCSqGSIb3DQEJDjEhMB8wHQYDVR0OBBYEFNX5JakD5Ml6xgx/PLVM\r\n5SD09c7YMAsGCSqGSIb3DQEBCwOCAQEACuc9qm5g8ItFIuSHzZGfrA59PvZlLc66\r\nvDvN4S4hBbmhVu2MNUwNhH+qaY8qcrXy+8N0qsOtKWL2g/ME/jIyA+XTDA61sVdS\r\nCdOG1k3XrtT/QK3RVRMfY0XkZMIUAtPy3VTQLuoRYwqZWqBXsUYa/dnvQxpMpck/\r\nZjbs8OGRVOCAPauTpySpTi2lY0mRw7pwZJyJseuCtt4kY1UKEBNXKjco7vQjH/7H\r\nqD8YHezeM7lL0ZPSw/Vs9cuvjfgBjJiOkIzOGi+iwIeatFQIobwvOkFwIuVMNzFf\r\nyGoAuf5LJNJrKHkqIxCb8Z7zCQMSTxUOCcyowBaG6smYBta9aUhLog==\n-----END CERTIFICATE REQUEST-----\n\"}" https://sws.sslpki.com/certificates
  • REDACTED: This is a placeholder for sensitive information, such as the “account_key” and “secret_key,” for confidentiality or security purposes.

Go to top


Step 4

  1. Once your domain has been pre-validated, you can now instantly issue IoT/SSL certs by making this api call (please use a different Certificate Signing Request (CSR) for each call):
    curl -k -H "Accept: application/json" -H "Content-type: application/json" -X POST -d "{\"account_key\":\"[REDACTED]\",\"secret_key\":\"[REDACTED]\",\"product\":\"105\",\"period\":\"365\",\"domains\":[\"*.yoursix.com\"],\"csr\":\"-----BEGIN CERTIFICATE REQUEST-----\nMIICizCCAXUCAQAwGDEWMBQGA1UEAwwNKi55b3Vyc2l4LmNvbTCCASIwDQYJKoZI\r\nhvcNAQEBBQADggEPADCCAQoCggEBALzGjEr2bDEhAfTigBa61iqZ62mfXSvbfxBt\r\nrtA+i56ubTJdFR2FGfAps3RCODG4jeZKrq6H/CpiVj0mNWj6ajVL0E1XCJAhlzUB\r\niHy7SyfBek8LEHlfszOjvSRugIgxutAWPoGsPG9xGc7dNKbrT4/hoaeptcwfddto\r\n+4xwOj1Sf7g/Dip0BCAlv0FKVcNeXNcdXf0VbtX1Tuqig+6Re+a3atF3Z+i+63Df\r\nrKtiZfIMdVFJP10dMNBLZzw3J2b+nCy7Q+B3XhcO35yhP+gSFwxbxXfEG0STvq4n\r\nz3CBNBIbL1f4okgCsTCs2k58xXJ1VbH7PDNy6nxLPDt39EXQFgcCAwEAAaAwMC4G\r\nCSqGSIb3DQEJDjEhMB8wHQYDVR0OBBYEFG83RRDvaMH5UKQ5T7SL2C1zNd8yMAsG\r\nCSqGSIb3DQEBCwOCAQEAdVdxdLu1nOdAZ4q3XeHP+cBeEdVbp6EXJvOiTBG6VPqb\r\nUcvuixbSOx+qFyZ51Nx8XeP9dmWAejdhHW755iISBIAI1MXCiDftviGOuCBAYhJM\r\n2J6fi6bhSEcfcOVVdD1nZWzOUu+zwyeaita3on2wZKvTC6u+Ac7YnVGVYbJq6buM\r\nujWefRJ5Lo3eO/nZr9fwVCqEKA5T1HqeDg3EVwbkkBrY1YIGL7efrd4p1tE3KFOR\r\nLQGQMVHR/Z3w/7pcUvyKxFdy/1NLrw8pg1TuvK+Uln6e80aMCYHwKN1k8Ne/4v1t\r\nIYQTJO3TfhAjT+qni21CaZC1y20gFyOHhjODMgduZw==\n-----END CERTIFICATE REQUEST-----\n\"}"
  2. You can get your API credentials at: https://secure.ssl.com/team/aef-1epq21m/api_credentials
  3. You will get a return value that looks like so. Pay attention to these parameters:
    1. "ref" – (you’ll need this in case you want to revoke the specific certificate)
    2. "certificates" – contains the complete certificate chain

Revoke a certificate order

To revoke a certificate order, use this call (note that if you have several certificates under the same order, they will ALL be revoked so it is not advisable creating more than 1 certificate per order. 

curl -k -H "Accept: application/json" -H "Content-type: application/json" -X DELETE -d "{\"account_key\":\"[REDACTED]\",\"secret_key\":\"[REDACTED]\",\"reason\":\"development test\",\"ref\":\"co-b31flhph0\"}" https://secure.sslpki.com/certificate/co-b31flhph0

 

SSL Support Team

All Posts

Related How Tos

View All How Tos
Facebook Twitter Youtube Github

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Play Video

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey