Request

Endpoint: CollectCCC

https://secure.trust-provider.com/products/download/CollectCCC

Use the POST method for this endpoint.

Submit parameters in the x-www-form-urlencoded format.

Request parameters

The following table displays the required, optional, and conditional parameters.

Parameter Requirement Type Max.Length Description

loginName

required

string

64 chars

Your account username.

This value is case sensitive.

loginPassword

required

string

128 chars

Your account password.

This value is case sensitive.

orderNumber

required

integer

The order number previously returned to your account (for example, from the AutoApplySSL call).

collectionCode

optional

string

16 chars

The collection code provided in the collection email.

If specified, omit loginName, loginPassword and orderNumber.

If specified, CollectCCC may be called over HTTP (instead of HTTPS).

queryType

required

integer

Specifies the type of the query.

The possible values are:

  • 0 — Return the status only.

  • 1 — Return the status and the certificate data and intermediates/roots if ready for collection.

  • 2 — Return the status and the certificate only (no intermediates/roots) (crt).

  • 3 — Return status and intermediates/roots only (cabundle).

responseType

optional

integer

Specifies the format of the returned certificate data.

The possible values are:

  • 1 — Netscape Certificate Sequence (queryType must be 1).

  • 2 — PKCS7 (queryType must be 1).

  • 3 — Individually encoded.

  • 4 — CMMF (queryType must be 1).

responseEncoding

optional

integer

Specifies the encoding of the returned certificate data.

The possible values are:

  • 0 — BASE64-encoded.

  • 1 — Binary encoded (queryType must be 1; responseType must be 0 or 2).

  • 2 — Javascript variable declarations (g_ccc contains the BASE64 structure requested by responseType; g_errorCode contains the status code; g_errorMessage contains an error message).

For more information, see Error codes.

callbackFunctionName

optional

string

64 chars

The name of a Javascript function that should be called straight after the variable declarations (when responseEncoding=2).

responseMimeType

optional

string

255 chars

For responseEncoding=2, the default value (if this parameter is omitted) is text/javascript. Otherwise, it is text/plain.

Any MIME type can be used (for example application/x-x509-user-cert).

showValidityPeriod

optional

char

1 char

Specifies the validity period of the certificate.

The possible values are:

  • Y

  • N

If omitted, the value defaults to N.

Sample request

curl --location 'https://secure.trust-provider.com/products/download/CollectCCC' \
--data-urlencode 'loginName=login_name' \
--data-urlencode 'loginPassword=login_password' \
--data-urlencode 'orderNumber=order_number' \
--data-urlencode 'queryType=01' \
--data-urlencode 'responseType=3' \
--data-urlencode 'responseEncoding=0'

Response

The request is successful when the server returns a response with the status code greater than or equal to 0:

  • 2 — Certificates Attached.

  • 1 — Certificates Available.

  • 0 — Being processed by Sectigo.

Any status code less than 0 indicates an error condition.

The list of codes and their descriptions can be found in Error codes.

If the status code < 0, the second line is a textual representation of an error message.

If the status code > 0 and showValidityPeriod=Y, the second line is the certificate validity period in the format DD/MM/YYYY DD/MM/YYYY with a space between the dates.

14/05/2013 13/05/2014

Certificates issued by Sectigo always have a 'not before' time of 00:00:00 GMT and a 'not after' time of 23:59:59 GMT.

If the status code = 2, the response contains the encoded certificate(s):

----- BEGIN CERTIFICATE -----
Encoded Root Certificate
----- END CERTIFICATE -----
----- BEGIN CERTIFICATE -----
Encoded Intermediate Certificate
----- END CERTIFICATE -----
----- BEGIN CERTIFICATE -----
Encoded End Entity Certificate
---- END CERTIFICATE -----

If responseEncoding=2, the output will be Javascript variable declarations plus. The function call to a callback function is optional.

If responseEncoding=1, the certificate(s) are available and no error occurs, the output will consist simply of the requested binary structure.

If responseEncoding=0, the output will be formatted like:

  • If the status code is greater than 0, the output will be displayed as the value of responseMimeType (or text/plain).

  • If the status code is less than or equal to 0, the output will be displayed as text/plain.

Sample success response

1
Certificates Available

Sample error response

{'errorCode': -16, 'errorMessage': "Incorrect login details, account is locked, password has expired or your source IP is blocked."}

Error codes

The following table outlines error responses returned by the CollectCCC API endpoint. Each error response consists of an errorCode and an errorMessage indicating why the request failed.

Error Code Error message Description

-1

Request was not made over https!

The request must use HTTPS protocol.

-2

Unrecognised argument!

The provided argument is not recognized.

-3

The 'xxxx' argument is missing!

The required argument is missing from the request.

-4

The value of the xxxx' argument is invalid!

The argument value does not meet validation requirements.

-14

An unknown error occurred!

An unknown error occurred.

-16

Incorrect login details, account is locked, password has expired or your source IP is blocked.

Authentication has failed due to one of the specified reasons.

Verify your login credentials or check account restrictions.

-17

Request used GET rather than POST!

The request method should be POST.

-20

The certificate request has been rejected!

The requested certificate is in the rejected state.

-21

The certificate has been revoked!

The requested certificate is in the revoked state.

-22

Still awaiting payment!

The payment for the order is still pending.

-91

Permission denied! 'xxxx'

The user doesn’t have the permission to perform the specified action.