The Live SSL Lookup API retrieves the real‑time SSL certificate of a domain and, when the chain parameter is set to true, also returns the complete certificate chain. Additionally, you can obtain the raw OpenSSL response by setting the sslRaw parameter to true.
Authorization
You can make authorized requests to our API by passing API key as a query parameter. To get your API key, login to our billing dashboard and get your API key! If your API key has been compromised, you can change it by clicking on reset button in billing dashboard.
Important References
- For details on request limits and handling rate limiting, refer here
- For a complete overview of API credit consumption and usage, refer here
Optional
- chain
For getting the chain of all domain ssl certificates sorted from end-user to root. Default value is "false"
- sslRaw
For getting the raw openssl response of the domain. Default value is "false"
- format
Two formats are available JSON, XML. If you don't specify the 'format' parameter, the default format will be JSON.
Fields Description
domainName
Domain name for which SSL certificate data is returned
whoisfreaks.com
queryTime
Timestamp when the SSL certificate query was executed
2024-10-04 07:17:04
sslCertificates
List of SSL certificates in the certificate chain
chainOrder
Position of certificate in the chain (root, intermediate, end-user)
end-user
authenticationType
Type of certificate authentication
domain
validityStartDate
Certificate validity start date
2024-09-7 23:03:18 UTC
validityEndDate
Certificate expiry date
2024-12-6 23:03:17 UTC
serialNumber
Unique serial number of the certificate
04:8e:90:ab:b3:ec:32:10:1e:de:83:4a:e8:9c:3c:e7:1e:a7
signatureAlgorithm
Algorithm used to sign the certificate
ECDSA-SHA2384
subject
Certificate subject details
commonName
Common name of the subject
whoisfreaks.com
issuer
Certificate issuer details
commonName
Issuer common name
E6
organization
Issuer organization
Let's Encrypt
country
Issuer country
US
publicKey
Public key information of the certificate
keySize
Size of the public key
256 bit
keyAlgorithm
Algorithm of the public key
ECDSA
extensions
X.509 certificate extensions
authorityKeyIdentifier
Identifier of the issuing authority key
93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
subjectKeyIdentifier
Identifier of the subject key
95:B1:F8:43:43:1B:A9:D9:A0:73:E6:F7:BF:FB:34:D8:DE:69:CC:39
keyUsages
Allowed key usage purposes
Digital Signature
extendedKeyUsages
Extended key usage purposes
TLS Web Server Authentication
authorityInfoAccess
Information access points for issuer and OCSP
issuers
Issuer URL(s) for certificate chain
http://e6.i.lencr.org/
ocsp
OCSP responder URLs
http://e6.o.lencr.org
subjectAlternativeNames
Alternative domain names covered by certificate
dnsNames
List of DNS names covered by certificate
www.whoisfreaks.com
certificatePolicies
Certificate policy identifiers
policyId: 2.23.140.1.2.1
