dropdown

Overview

  • Live SSL Certificate Lookup
    SSL cert lookup API allows you to fetch live streaming Secure Sockets Layer (SSL) certificate along with its complete SSL cert chain to provide up-to-date and consistent data in JSON/XML formats.

Authorization

You can make authorized requests to our API by passing API key as a query parameter. To get your API key, login to our billing dashboard and get your API key! If your API key has been compromised, you can change it by clicking on reset button in billing dashboard.


SSL Certificate Lookup

API

GET https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=google.com&chain=true&sslRaw=true
Copied


Input parameters: required

apiKey Get your API key from our billing dashboard.

domainName The domainName for requested ssl data.

Input parameters: optional

chain For getting the chain of all domain ssl certificates sorted from end-user to root. Default value is "false"

SSLRaw For getting the raw openssl response of the domain. Default value is "false"

format Two formats are available JSON, XML. If you don't pass 'format' parameter, default format is JSON.


Code Snippets


curl --location --request GET 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true'



var request = require('request');
var options = {
  'method': 'GET',
  'url': 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true',
  'headers': {
  }
};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});





OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
Request request = new Request.Builder()
  .url("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")
  .method("GET", null)
  .build();
Response response = client.newCall(request).execute();




import http.client

conn = http.client.HTTPSConnection("api.whoisfreaks.com")
payload = ''
headers = {}

conn.request("GET", "/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))




<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;





require "uri"
require "net/http"

url = URI("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")

https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true

request = Net::HTTP::Get.new(url)

response = https.request(request)
puts response.read_body





var requestOptions = {
  method: 'GET',
  redirect: 'follow'
};

fetch("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));




var client = new RestClient("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true");
client.Timeout = -1;
var request = new RestRequest(Method.GET);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);




package main

import (
  "fmt"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
    return
  }
  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}




CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "GET");
  curl_easy_setopt(curl, CURLOPT_URL, "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true");
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
  curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
  struct curl_slist *headers = NULL;
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
  res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);





import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif

var semaphore = DispatchSemaphore (value: 0)

var request = URLRequest(url: URL(string: "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")!,timeoutInterval: Double.infinity)
request.httpMethod = "GET"

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    semaphore.signal()
    return
  }
  print(String(data: data, encoding: .utf8)!)
  semaphore.signal()
}

task.resume()
semaphore.wait()




Response

Live SSL Certificate API provides response in JSON/XML formats. You can pass format as parameter to consume API in your required format. Default format is JSON. Following is the complete SSL Certificate data response format.


{
    "domainName": "whoisfreaks.com",
    "queryTime": "2022-11-24 06:59:05",
    "sslCertificates": [
        {
            "chainOrder": "end-user",
            "authenticationType": "domain",
            "validityStartDate": "2022-09-30 05:33:58 UTC",
            "validityEndDate": "2022-12-29 05:33:57 UTC",
            "serialNumber": "03:ae:75:41:57:24:35:af:33:01:38:15:47:6e:4a:bf:0d:6a",
            "signatureAlgorithm": "SHA256-RSA",
            "subject": {
                "commonName": "whoisfreaks.com"
            },
            "issuer": {
                "commonName": "R3",
                "organization": "Let's Encrypt",
                "country": "US"
            },
            "publicKey": {
                "keySize": "2048 bit",
                "keyAlgorithm": "RSA",
                "pemRaw": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr72X7GNcnc5ysVRebBlfO9i94nZCFihvR3anhutttebaIPcuRvHpYqeHyu9G5fP5JegZJuGVBNJzfPpcN1HO9zFEBQ1fmlwooiXX6szgS9iUlS7xCEvhQt9ipmc1z11DeGNyeQq9IchUHasdO8z+X8vX/C+88If9QBJdXQcEvxS2x11xhMlR/T8hYKrrThngOhUAy+vMpK0hFvr602lYHgS7kfZm3NHCL18a1LFcGq/jBGoS7jqrSGC1biLNKsW23OvVeMl2y6orFu9Y3GVkbHxtPtLz3P584HK8Z/yAcVAfhoS2rctfcLjmQZisZyqembsGEYPDchBQ9aw2JPd2LwIDAQAB\n-----END PUBLIC KEY-----\n"
            },
            "extensions": {
                "authorityKeyIdentifier": "14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6",
                "subjectKeyIdentifier": "80:3A:A3:17:87:E3:3C:EE:F4:FB:9E:A4:39:B0:99:29:24:BE:CD:F6",
                "keyUsages": [
                    "Digital Signature",
                    "Key Encipherment"
                ],
                "extendedKeyUsages": [
                    "TLS Web Server Authentication",
                    "TLS Web Client Authentication"
                ],
                "authorityInfoAccess": {
                    "issuers": [
                        "http://r3.i.lencr.org/"
                    ],
                    "ocsp": [
                        "http://r3.o.lencr.org"
                    ]
                },
                "subjectAlternativeNames": {
                    "dnsNames": [
                        "whoisfreaks.com",
                        "billing.whoisfreaks.com"
                    ]
                },
                "certificatePolicies": [
                    {
                        "policyId": "2.23.140.1.2.1"
                    },
                    {
                        "policyId": "1.3.6.1.4.1.44947.1.1.1",
                        "policyQualifier": {
                            "oid": "1.3.6.1.5.5.7.2.1",
                            "cpsUri": "http://cps.letsencrypt.org"
                        }
                    }
                ]
            },
            "pemRaw": "-----BEGIN CERTIFICATE-----\nMIIFPTCCBCWgAwIBAgISA651QVckNa8zATgVR25Kvw1qMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMjA5MzAwNTMzNThaFw0yMjEyMjkwNTMzNTdaMBoxGDAWBgNVBAMTD3dob2lzZnJlYWtzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+9l+xjXJ3OcrFUXmwZXzvYveJ2QhYob0d2p4brbbXm2iD3Lkbx6WKnh8rvRuXz+SXoGSbhlQTSc3z6XDdRzvcxRAUNX5pcKKIl1+rM4EvYlJUu8QhL4ULfYqZnNc9dQ3hjcnkKvSHIVB2rHTvM/l/L1/wvvPCH/UASXV0HBL8UtsddcYTJUf0/IWCq604Z4DoVAMvrzKStIRb6+tNpWB4Eu5H2ZtzRwi9fGtSxXBqv4wRqEu46q0hgtW4izSrFttzr1XjJdsuqKxbvWNxlZGx8bT7S89z+fOByvGf8gHFQH4aEtq3LX3C45kGYrGcqnpm7BhGDw3IQUPWsNiT3di8CAwEAAaOCAmMwggJfMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgDqjF4fjPO70+56kObCZKSS+zfYwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wMwYDVR0RBCwwKoIXYmlsbGluZy53aG9pc2ZyZWFrcy5jb22CD3dob2lzZnJlYWtzLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABg40aDsEAAAQDAEcwRQIhAIXlo4U/tO48FBOZ+HDGPDTIqO6OQq9o5JRWQ1qiZ6XRAiAeg1bETWNZjPkKNoSaTpusGr72Q1WzM5CpmPch6yOhuQB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABg40aDvAAAAQDAEcwRQIhANW/qmnuZqzhCvsaRIDGpqo9MN+HVf6vnUWVjgR6cmzDAiADE7M0/ZfyWnF5DmD08sxSs7Ygz4pO5WJ74Xp81r38QDANBgkqhkiG9w0BAQsFAAOCAQEAO6U+zUW+8mDyZlXA0W0gkrSIX8Hv+1FgY+FYsk4/rTu+nj6bEEEPm7PfMVcmkaNfGEBZaupuNy/Qwnv/Om7rhrOCz1BXok2gB539mRqdDWQRViKxb48srVY/HzLr1YE6l38gdJ2rdUgP7UmoxbwWyZ3sivi0o407wKUFAEHK/QQLt6zKIyWqwk3MiPjRqtaei0tLqmUCUOucBkCW83jHGmLnR4TjkIkdZlSPwSome/h8//6N8sJw2DtHVXfMxOgDa+dP5uMSGPugCnziJ5Uz7KT0PbaKp2hfVA0GK0+VQUT/Wlmciq9LnUF1cFVNdskptscjUGWr9tf8Fk7KPX05zw==\n-----END CERTIFICATE-----\n"
        }
    ]
}

            


HTTP Error Codes

Below mentioned possible type of error and desc.

HTTP Code
Error Message
404 No Ssl Certificate exists for this Domain 400 Please pass domain param correct value[For Technical Support: support@whoisfreaks.com] 401 Provided API key is invalid. [For Technical Support: support@whoisfreaks.com] 401 Provided API key is inactive. [For Technical Support: support@whoisfreaks.com] 401 Please buy subscription plan or add api credits then use this api key. [For Technical Support: support@whoisfreaks.com] 413 You have exceeded the limit of api credits requests [allowed_request_no].Please upgrade your plan [For Technical Support: support@whoisfreaks.com] 412 You have exceeded the limit of api plan requests and your subscription canceled.Please contact our technical support team: support@whoisfreaks.com] 413 You have exceeded the limit of Surcharge Requests [allowed_surcharge_request_no]. Please upgrade your plan [For Technical Support: support@whoisfreaks.com] 401 Your subscription is deactivated.Please buy new plan or add api credits for using whoisfreaks api's [For Technical Support: support@whoisfreaks.com] 401 Your subscription is deactivated due to many time payment failure.Please buy new plan or add api credits for using whoisfreaks api's 401 Your account is deactivated.[For Technical Support: support@whoisfreaks.com]

Credits Usage API

You need credits in order to use Whoisfreaks API. Live SSL Certificate Lookup service will charge 1 credit per successfull query for a domain without chaining. With chaining enabled, 1 credit will be charge for every 2 certificates in the response. You can fetch credits usage and remaining credits information through an API with a time lag of 8 minutes.

GET https://api.whoisfreaks.com/v1.0/whoisapi/usage?apiKey=API_KEY
Copied

Input parameters: required

apiKey Get your API key from our billing dashboard.

Input parameters: optional

format Two formats are available JSON, XML. If you don't pass 'format' parameter, default format is JSON.


Response

You can get API key from our billing dashboard.

                    
{
    "apiKey": "API_KEY",
    "apiCredits": {
        "totalCredits": 1020079,
        "servedRequest": 1533
    },
    "apiSubscription": {
        "subscriptionStatus": "deactivated",
        "requestLimit": 0,
        "servedRequests": 18,
        "surchargeRequestLimit": 0,
        "servedSurchargeRequests": 0
    }
}
                    
            

FAQs

What is the SSL certificate?

SSL (Secure Sockets Layer) is a cryptographic protocol that ensures data transferred between the web browser and the web server remains private. It also prevents cybercriminals from reading and modifying any transaction done between them such as the transmission of sensitive information like credit card while doing online shopping.



What is meant by SSL Certificate Chain?

The SSL chain is a list of certificates used to authenticate an end-user. The path, begins with the certificate of that end-user and each cert in the chain is signed by the entity identified by the next cert in the chain. The chain ends with a root CA cert. The signatures of all certs in the chain must be verified until the root CA certificate is reached.



Which TLDs are supported by your system?

All available TLDs are supported by SSL certificate lookup API.



Do you have notification service when API credits are near to an end?

Yes, we will inform you via an email. We send notification email on 80%,90%,100% usage. You can get credits/ subscription usage information from our billing portal or through API.



What happened if API credits have been utilized and my system is using whois API?

We provide surcharge requests on all active API credits subscriptions. You can fetch credits and surcharge requests information through our API. Each subscription plan has different surcharge requests limit.



Do you charge credit on 4xx error status codes in response?

No, We do not charge credits on 4xx status codes in response. All Whois APIs follow same rule for 4xx status codes in response.