Overview
-
Live SSL Certificate Lookup
SSL cert lookup API allows you to fetch live streaming Secure Sockets Layer (SSL) certificate along with its complete SSL cert chain to provide up-to-date and consistent data in JSON/XML formats.
Authorization
You can make authorized requests to our API by passing API key as a query parameter. To get your API key, login to our billing dashboard and get your API key! If your API key has been compromised, you can change it by clicking on reset button in billing dashboard.
SSL Certificate Lookup
API

Input parameters: required
apiKey Get your API key from our billing dashboard.
domainName The domainName for requested ssl data.
Input parameters: optional
chain For getting the chain of all domain ssl certificates sorted from end-user to root. Default value is "false"
SSLRaw For getting the raw openssl response of the domain. Default value is "false"
format Two formats are available JSON, XML. If you don't pass 'format' parameter, default format is JSON.
Code Snippets
curl --location --request GET 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true'
var request = require('request');
var options = {
'method': 'GET',
'url': 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true',
'headers': {
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
Request request = new Request.Builder()
.url("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")
.method("GET", null)
.build();
Response response = client.newCall(request).execute();
import http.client
conn = http.client.HTTPSConnection("api.whoisfreaks.com")
payload = ''
headers = {}
conn.request("GET", "/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
require "uri"
require "net/http"
url = URI("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Get.new(url)
response = https.request(request)
puts response.read_body
var requestOptions = {
method: 'GET',
redirect: 'follow'
};
fetch("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
var client = new RestClient("https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true");
client.Timeout = -1;
var request = new RestRequest(Method.GET);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(curl, CURLOPT_URL, "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true");
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
struct curl_slist *headers = NULL;
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);
import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif
var semaphore = DispatchSemaphore (value: 0)
var request = URLRequest(url: URL(string: "https://api.whoisfreaks.com/v1.0/ssl/live?apiKey=API_KEY&domainName=whoisfreaks.com&chain=true&sslRaw=true")!,timeoutInterval: Double.infinity)
request.httpMethod = "GET"
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
semaphore.signal()
return
}
print(String(data: data, encoding: .utf8)!)
semaphore.signal()
}
task.resume()
semaphore.wait()
Response
Live SSL Certificate API provides response in JSON/XML formats. You can pass format as parameter to consume API in your required format. Default format is JSON. Following is the complete SSL Certificate data response format.
{
"domainName": "whoisfreaks.com",
"queryTime": "2022-11-24 06:59:05",
"sslCertificates": [
{
"chainOrder": "end-user",
"authenticationType": "domain",
"validityStartDate": "2022-09-30 05:33:58 UTC",
"validityEndDate": "2022-12-29 05:33:57 UTC",
"serialNumber": "03:ae:75:41:57:24:35:af:33:01:38:15:47:6e:4a:bf:0d:6a",
"signatureAlgorithm": "SHA256-RSA",
"subject": {
"commonName": "whoisfreaks.com"
},
"issuer": {
"commonName": "R3",
"organization": "Let's Encrypt",
"country": "US"
},
"publicKey": {
"keySize": "2048 bit",
"keyAlgorithm": "RSA",
"pemRaw": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr72X7GNcnc5ysVRebBlfO9i94nZCFihvR3anhutttebaIPcuRvHpYqeHyu9G5fP5JegZJuGVBNJzfPpcN1HO9zFEBQ1fmlwooiXX6szgS9iUlS7xCEvhQt9ipmc1z11DeGNyeQq9IchUHasdO8z+X8vX/C+88If9QBJdXQcEvxS2x11xhMlR/T8hYKrrThngOhUAy+vMpK0hFvr602lYHgS7kfZm3NHCL18a1LFcGq/jBGoS7jqrSGC1biLNKsW23OvVeMl2y6orFu9Y3GVkbHxtPtLz3P584HK8Z/yAcVAfhoS2rctfcLjmQZisZyqembsGEYPDchBQ9aw2JPd2LwIDAQAB\n-----END PUBLIC KEY-----\n"
},
"extensions": {
"authorityKeyIdentifier": "14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6",
"subjectKeyIdentifier": "80:3A:A3:17:87:E3:3C:EE:F4:FB:9E:A4:39:B0:99:29:24:BE:CD:F6",
"keyUsages": [
"Digital Signature",
"Key Encipherment"
],
"extendedKeyUsages": [
"TLS Web Server Authentication",
"TLS Web Client Authentication"
],
"authorityInfoAccess": {
"issuers": [
"http://r3.i.lencr.org/"
],
"ocsp": [
"http://r3.o.lencr.org"
]
},
"subjectAlternativeNames": {
"dnsNames": [
"whoisfreaks.com",
"billing.whoisfreaks.com"
]
},
"certificatePolicies": [
{
"policyId": "2.23.140.1.2.1"
},
{
"policyId": "1.3.6.1.4.1.44947.1.1.1",
"policyQualifier": {
"oid": "1.3.6.1.5.5.7.2.1",
"cpsUri": "http://cps.letsencrypt.org"
}
}
]
},
"pemRaw": "-----BEGIN CERTIFICATE-----\nMIIFPTCCBCWgAwIBAgISA651QVckNa8zATgVR25Kvw1qMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMjA5MzAwNTMzNThaFw0yMjEyMjkwNTMzNTdaMBoxGDAWBgNVBAMTD3dob2lzZnJlYWtzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+9l+xjXJ3OcrFUXmwZXzvYveJ2QhYob0d2p4brbbXm2iD3Lkbx6WKnh8rvRuXz+SXoGSbhlQTSc3z6XDdRzvcxRAUNX5pcKKIl1+rM4EvYlJUu8QhL4ULfYqZnNc9dQ3hjcnkKvSHIVB2rHTvM/l/L1/wvvPCH/UASXV0HBL8UtsddcYTJUf0/IWCq604Z4DoVAMvrzKStIRb6+tNpWB4Eu5H2ZtzRwi9fGtSxXBqv4wRqEu46q0hgtW4izSrFttzr1XjJdsuqKxbvWNxlZGx8bT7S89z+fOByvGf8gHFQH4aEtq3LX3C45kGYrGcqnpm7BhGDw3IQUPWsNiT3di8CAwEAAaOCAmMwggJfMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgDqjF4fjPO70+56kObCZKSS+zfYwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wMwYDVR0RBCwwKoIXYmlsbGluZy53aG9pc2ZyZWFrcy5jb22CD3dob2lzZnJlYWtzLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABg40aDsEAAAQDAEcwRQIhAIXlo4U/tO48FBOZ+HDGPDTIqO6OQq9o5JRWQ1qiZ6XRAiAeg1bETWNZjPkKNoSaTpusGr72Q1WzM5CpmPch6yOhuQB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABg40aDvAAAAQDAEcwRQIhANW/qmnuZqzhCvsaRIDGpqo9MN+HVf6vnUWVjgR6cmzDAiADE7M0/ZfyWnF5DmD08sxSs7Ygz4pO5WJ74Xp81r38QDANBgkqhkiG9w0BAQsFAAOCAQEAO6U+zUW+8mDyZlXA0W0gkrSIX8Hv+1FgY+FYsk4/rTu+nj6bEEEPm7PfMVcmkaNfGEBZaupuNy/Qwnv/Om7rhrOCz1BXok2gB539mRqdDWQRViKxb48srVY/HzLr1YE6l38gdJ2rdUgP7UmoxbwWyZ3sivi0o407wKUFAEHK/QQLt6zKIyWqwk3MiPjRqtaei0tLqmUCUOucBkCW83jHGmLnR4TjkIkdZlSPwSome/h8//6N8sJw2DtHVXfMxOgDa+dP5uMSGPugCnziJ5Uz7KT0PbaKp2hfVA0GK0+VQUT/Wlmciq9LnUF1cFVNdskptscjUGWr9tf8Fk7KPX05zw==\n-----END CERTIFICATE-----\n"
}
]
}
HTTP Error Codes
Below mentioned possible type of error and desc.
Credits Usage API
You need credits in order to use Whoisfreaks API. Live SSL Certificate Lookup service will charge 1 credit per successfull query for a domain without chaining. With chaining enabled, 1 credit will be charge for every 2 certificates in the response. You can fetch credits usage and remaining credits information through an API with a time lag of 8 minutes.

Input parameters: required
apiKey Get your API key from our billing dashboard.
Input parameters: optional
format Two formats are available JSON, XML. If you don't pass 'format' parameter, default format is JSON.
Response
You can get API key from our billing dashboard.
{
"apiKey": "API_KEY",
"apiCredits": {
"totalCredits": 1020079,
"servedRequest": 1533
},
"apiSubscription": {
"subscriptionStatus": "deactivated",
"requestLimit": 0,
"servedRequests": 18,
"surchargeRequestLimit": 0,
"servedSurchargeRequests": 0
}
}
FAQs
What is the SSL certificate?
SSL (Secure Sockets Layer) is a cryptographic protocol that ensures data transferred between the web browser and the web server remains private. It also prevents cybercriminals from reading and modifying any transaction done between them such as the transmission of sensitive information like credit card while doing online shopping.
What is meant by SSL Certificate Chain?
The SSL chain is a list of certificates used to authenticate an end-user. The path, begins with the certificate of that end-user and each cert in the chain is signed by the entity identified by the next cert in the chain. The chain ends with a root CA cert. The signatures of all certs in the chain must be verified until the root CA certificate is reached.
Which TLDs are supported by your system?
All available TLDs are supported by SSL certificate lookup API.
Do you have notification service when API credits are near to an end?
Yes, we will inform you via an email. We send notification email on 80%,90%,100% usage. You can get credits/ subscription usage information from our billing portal or through API.
What happened if API credits have been utilized and my system is using whois API?
We provide surcharge requests on all active API credits subscriptions. You can fetch credits and surcharge requests information through our API. Each subscription plan has different surcharge requests limit.
Do you charge credit on 4xx error status codes in response?
No, We do not charge credits on 4xx status codes in response. All Whois APIs follow same rule for 4xx status codes in response.