Comprehensive Chain

It provides complete SSL certificate chains for thorough validation, ensuring certificates in the chain are valid, enhancing overall security. It helps maintain a secure connection by verifying the authenticity of each certificate in the chain.

SSL Expiry Monitoring

Monitor SSL certificate expiration dates effortlessly to ensure continuous website security. It enables you to track a domain's certificate expiration date, ensuring prompt renewal and avoiding potential downtime or security risks.


We parse SSL data thoroughly to give details in JSON/ XML format. This API provides details about the server including, common name and certificate issuer.

Supported formats

We support SSL lookup data retrieval in JSON and XML formats, offering flexibility and compatibility with various applications. This allows you to efficiently analyze and manage SSL certificate information across your systems.

Common Use Cases

Certificate Chain Monitoring View the SSL certificates in your organization that are about to expire or already expired. Monitor unauthorized changes in SSL cert chain as they may point domain takeover.
Trust Badge This API allows you to know which domains are trustworthy and which are not in the chain. In this way, you can check that any domain listed has a valid SSL certificate from a trusted root certificate authority.
3rd party and typosquatting attacks To avoid being impersonated, it is important to check the SSL certificate validation type. This will help you identify self-signed certificates often used in man-in-the-middle and typosquatting attacks.
Data Enrichment SSL certificate chain Lookup data can ease you security enrichment efforts which could help you to reveal potential inconsistencies that may translate to exploitable vulnerabilities in SSL cert chain.
SSL Documentation


You can make authorized requests to our API by passing API key as a query parameter. To get your API key, login to our billing dashboard and get your API key! If your API key has been compromised, you can change it by clicking on reset button in billing dashboard.


Query Parameters

  • Required
    apiKeyGet your API key from our billing dashboard.
    domainNameThe domainName for requested ssl data.
  • Optional
    chainFor getting the chain of all domain ssl certificates sorted from end-user to root. Default value is "false"
    sslRawFor getting the raw openssl response of the domain. Default value is "false"
    formatTwo formats are available JSON, XML. If you don't specify the 'format' parameter, the default format will be JSON.

200 OK
400 Invalid domain name parameters.
401 Provided API key is invalid.
401 Provided API key is inactive.
401 Please buy a subscription plan or add api credits.
401 Your subscription is deactivated.
401 Repeated payment failures.
401 Your account is deactivated.
403 Unavailable domain extension.
404 No Ssl Certificate.
412 Exceeded the limit of api plan requests.
413 Exceeded the limit of api credits requests.
413 Exceeded the limit of surcharge requests.
429 Maximum request limit reached.
500 Internal Server error.
503 Service is unavailable.
504 Request is timed-out.

Shell Node.js Java Python PHP Ruby JS C# Go C Swift
200 400 401 404 412 413 429 500 503 504

Credit Usage API

You need credits in order to use DNS API. DNS Lookup service will charge 1 credit per successfull query for a domain. Historical DNS service will charge 2 credits per page. Reverse DNS service will charge 5 credits per page. Surcharge requests are only allowed to credits subscribers. You can fetch credits usage and remaining credits information through an API.



What is the SSL certificate?

SSL (Secure Sockets Layer) is a cryptographic protocol that ensures data transferred between the web browser and the web server remains private. It also prevents cybercriminals from reading and modifying any transaction done between them such as the transmission of sensitive information like credit card while doing online shopping.

What is meant by SSL Certificate Chain?

The SSL chain is a list of certificates used to authenticate an end-user. The path, begins with the certificate of that end-user and each cert in the chain is signed by the entity identified by the next cert in the chain. The chain ends with a root CA cert. The signatures of all certs in the chain must be verified until the root CA certificate is reached.

Which TLDs are supported by your system?

All available TLDs are supported by SSL certificate lookup API.

Do you have notification service when API credits are near to an end?

Yes, we will inform you via an email. We send notification email on 80%,90%,100% usage. You can get credits/ subscription usage information from our billing portal or through API.

What happened if API credits have been utilized and my system is using whois API?

We provide surcharge requests on all active API credits subscriptions. You can fetch credits and surcharge requests information through our API. Each subscription plan has different surcharge requests limit.

Do you charge credit on 4xx error status codes in response?

No, We do not charge credits on 4xx status codes in response. All Whois APIs follow same rule for 4xx status codes in response.

What is the number of free API credits available for new users, and are these credits rate-limited?

We will provide 500 API credits to new users and yes, those credits have a rate-limiting of 10 requests per minute for Live APIs, 5 requests per minute for Bulk Domain Lookup, and 1 request per minute for Reverse/Historical Endpoints.

What is meant by Live Lookup endpoint and how much data latency does it offer?

Our Live Lookup API offers real-time access to various endpoints, including domain whois, SSL and DNS data. By directly connecting to authoritative sources, this API ensures that you receive the most current and up-to-date information, eliminating data latency.

Do you have rate limiting on number of requests being made on your paid plans?

Yes, we have rate limiting on requests being made on all of our paid plans. The requests limit is shown in the following table.

The Table is divided into three types of plans:

1) API Credits

Credits Live-rpm Bulk-rpm Historical/Reverse-rpm
5000 20 8 3
15000 35 12 5
50000 80 20 10
150000 120 25 15
450000 150 35 20
1000000 200 50 25
3000000 300 70 35

2) API Subscription

Credits Live-rpm Bulk-rpm Historical/Reverse-rpm
5000 20 8 3
15000 35 12 5
50000 80 20 10
150000 120 25 15
450000 150 35 20
1000000 200 50 25
3000000 300 70 35
  • Live-rpm: API requests per minute limit for live Whois lookup API, domain availability API, SSL certificate lookup API, and DNS lookup API endpoints.
  • Bulk-rpm: API requests per minute limit for bulk domain Whois lookup API endpoint.
  • Historical/Reverse-rpm: API requests per minute limit for historical, and reverse Whois API endpoints.

In case, the request per minute exceeds, it'll throw an error with HTTP error code of 429.

Do you provide any headers in API response regarding rate limiting?

Yes, there are following three header parameters in the response:

  • X-RateLimit-Allowed-Requests: Tells the max allowed API requests per minute on a specific plan.
  • X-RateLimit-Remaining-Requests: Tells the remaining API requests per minute for that plan.
  • X-RateLimit-Remaining-Time: Tells after how much time the API requests per minute will be reset.