Looking for paid SSL certificates with OV/EV/Wildcard options? Visit My-SSL.com →

REST API Documentation

Automate SSL certificate management with the My-SSL Free API.

Authentication

All API requests require a Bearer token in the Authorization header. Find your API key in your Profile.

Authorization: Bearer YOUR_API_KEY

Base URL

https://free.my-ssl.com/api/v1
GET /api/v1/profile Get profile

Returns the authenticated user's profile and quota.

Response:

{"id":1,"email":"you@example.com","name":"Alice","ssl_limit":10,"ssl_used":3,"api_key":"..."}
GET /api/v1/certificates List certificates

Returns all domains and their certificate status for the authenticated user.

Response:

[{"id":5,"domain":"example.com","status":"active","cert_type":"single","validation_method":"http-01","expires_at":"2025-07-18","issued_at":"2025-04-19"}]
POST /api/v1/certificates Request certificate

Start a new certificate order. Returns challenge information to complete domain ownership verification.

validation_method: "http-01" (default) or "dns-01" (requires Cloudflare credentials in your profile). For wildcard certs (*.example.com) dns-01 is required.

Request body (JSON):

{"domain":"example.com","validation_method":"http-01"}

Response:

{"domain_id":5,"status":"pending","challenge_type":"http-01","challenge_token":"abc123","challenge_value":"abc123.keyauth","challenge_url":"http://example.com/.well-known/acme-challenge/abc123"}
GET /api/v1/certificates/{id} Get certificate

Returns details for a specific domain ID.

Response:

{"id":5,"domain":"example.com","status":"active","expires_at":"2025-07-18","cert_id":12}
POST /api/v1/certificates/{id}/verify Trigger verification

Notify Let's Encrypt that the challenge is ready and enqueue finalization. Call this after placing the challenge file or DNS record.

Response:

{"success":true,"status":"verifying","message":"Verification enqueued. Poll GET /certificates/{id} for status updates."}
POST /api/v1/certificates/{id}/reset Reset certificate

Wipes the current ACME order and starts a fresh one. Returns new challenge data. Use when a certificate is stuck in "failed" status.

Response:

{"success":true,"domain_id":5,"challenge_token":"xyz789","challenge_value":"xyz789.keyauth"}
GET /api/v1/certificates/{id}/download Download certificate

Download certificate files. Use the type query parameter to select which file to download.

type: "fullchain" (default), "certificate", "private_key", "ca_bundle". Returns the file as a download. Only available when status is "active".

Response:

(binary file download)
DELETE /api/v1/certificates/{id} Delete certificate

Permanently removes the domain and all associated certificate data.

Response:

{"success":true}

Certificate Status Values

StatusMeaning
pendingOrder created. Challenge file or DNS record must be placed, then call /verify.
verifyingVerification submitted. Let's Encrypt is validating; poll every 5–10 s.
activeCertificate issued and ready to download.
failedValidation failed. Use /reset to start a new order.
expiredCertificate has passed its expiry date. Renew via /reset.
revokedCertificate was revoked by an administrator.

Rate Limits

Certificate requests are rate-limited per account. Exceeding limits returns HTTP 429. Current defaults: 5 per hour, 20 per day. Let's Encrypt also enforces their own rate limits.

Create a free account to get your API key, or sign in if you already have one.
← Home Dashboard