Help Center/ Cloud Certificate & Manager/ API Reference/ API/ Managing SSL Certificates/ Certificate Lifecycle Management/ Querying the Certificate List
Updated on 2025-11-28 GMT+08:00
View PDF

Querying the Certificate List

Function

This API is used to query the certificate list by certificate name or bound domain name.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

URI

GET /v3/scm/certificates

Table 1 Query Parameters

Parameter

Mandatory

Type

Description

limit

No

Integer

Number of certificate records on each page. The options are as follows:

  • 10: 10 certificate records can be displayed on each page.

  • 20: 20 certificate records can be displayed on each page.

  • 50: 50 certificate records can be displayed on each page.

Minimum: 10

Maximum: 50

Default: 10

offset

No

Integer

Query offset.

Minimum: 0

Maximum: 100

Default: 0

sort_dir

No

String

Sorting order. The returned certificates are listed by parameter sort_key. The options are as follows:

  • ASC: ascending order

  • DESC: descending order

Default: DESC

Minimum: 0

Maximum: 32

sort_key

No

String

Sorting criteria. The options are as follows:

  • certExpiredTime: Certificate expiration time.

  • certStatus: certificate status

  • certUpdateTime: Certificate update time.

Default: certUpdateTime

Minimum: 0

Maximum: 64

status

No

String

Certificate status. The options are as follows:

-ALL: All certificate statuses.

  • PAID: The certificate has been paid and needs to be applied for from the CA.

  • ISSUED: The certificate has been issued.

  • CHECKING: The certificate application is being reviewed.

  • CANCELCHECKING: The certificate application cancellation is being reviewed.

  • UNPASSED: The certificate application fails.

  • EXPIRED: The certificate has expired.

  • REVOKING: The certificate revocation application is being reviewed.

  • REVOKED: The certificate has been revoked.

  • UPLOAD: The certificate is being managed.

  • CHECKING_ORG: The organization verification is to be completed.

  • ISSUING: The certificate is to be issued.

  • SUPPLEMENTCHECKING: Additional domain names to be added for a multi-domain certificate are being reviewed.

Default: ALL

Minimum: 0

Maximum: 64

enterprise_project_id

No

String

Enterprise project ID. If the enterprise project function is not enabled, you do not need to set this parameter. If the enterprise project function is enabled, you can set this parameter when querying a resource. If this parameter is not specified, the system searches for the required resource in all the enterprise projects that you have permissions for. In this case, the value of enterprise_project_id is all. The parameter value must meet one of the following requirements:

  • The value is all.

  • The value is 0.

  • The value matches the ^[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12}$ regular expression.

Default: all

Minimum: 0

Maximum: 64

deploy_support

No

Boolean

Whether to filter only certificates that can be deployed.

Default: false

owned_by_self

No

Boolean

Whether the resource belongs to the current tenant. The options are as follows:

  • true: Only resources that belong to the current tenant are queried, excluding shared resources.

  • false: Query the current tenant and the resources shared with the tenant.

Default: true

expired_days_since

No

Integer

The certificate is within the validity period and expires in a maximum of xx days.

Minimum: 0

Maximum: 1095

Default: 0

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token.

It can be obtained by calling the IAM API. The value of X-Subject-Token in the response header is the user token.

Minimum: 32

Maximum: 2097152

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

certificates

Array of CertificateDetail objects

For details, see data structure description of the CertificateDetail field.

Array Length: 0 - 1000

total_count

Integer

Number of certificates.

Minimum: 0

Maximum: 10000
Table 4 CertificateDetail

Parameter

Type

Description

id

String

Certificate ID.

Minimum: 16

Maximum: 16

name

String

Certificate name.

Maximum: 63

Minimum: 3

domain

String

Domain name bound to a certificate.

Minimum: 1

Maximum: 255

sans

String

Additional domain name bound to a multi-domain certificate.

Minimum: 1

Maximum: 4096

signature_algorithm

String

Signature algorithm.

Minimum: 0

Maximum: 64

deploy_support

Boolean

Whether deployment is supported.

type

String

Certificate type. The options are:

DV_SSL_CERT, DV_SSL_CERT_BASIC, EV_SSL_CERT,

EV_SSL_CERT_PRO, OV_SSL_CERT, or OV_SSL_CERT_PRO

Minimum: 1

Maximum: 128

brand

String

Certificate authority. The value can be GLOBALSIGN, SYMANTEC, GEOTRUST or CFCA.

Minimum: 1

Maximum: 255

expire_time

String

Certificate expiration time.

Minimum: 1

Maximum: 32

domain_type

String

Zone type. The options are:

  • SINGLE_DOMAIN: Single domain names

  • WILDCARD: Wildcard domain names

  • MULTI_DOMAIN: Multiple domain names

Minimum: 1

Maximum: 128

validity_period

Integer

Certificate validity period, in months. [CCM provides a solution for purchasing certificates with a multi-year validity period. This multi-year certificate takes effect by adding multiple SSL certificates with a validity period of one year. For example, a certificate with three years' validity period contains three SSL certificates with one-year validity period and the same specifications. The system automatically applies for a second certificate based on the information about the first certificate 30 days before the first certificate expires.] (tag:hws)

Minimum: 12

Maximum: 12

status

String

Certificate status. The options are as follows:

  • PAID: The certificate has been paid and needs to be applied for from the CA.

  • ISSUED: The certificate has been issued.

  • CHECKING: The certificate application is being reviewed.

  • CANCELCHECKING: The certificate application cancellation is being reviewed.

  • UNPASSED: The certificate application fails.

  • EXPIRED: The certificate has expired.

  • REVOKING: The certificate revocation application is being reviewed.

  • CANCLEREVOKING: The cancellation on certificate revocation is being reviewed.

  • REVOKED: The certificate has been revoked.

  • UPLOAD: The certificate is being managed.

  • SUPPLEMENTCHECKING: Additional domain names to be added for a multi-domain certificate are being reviewed.

  • CANCELSUPPLEMENTING: The cancellation on additional domain names to be added is being reviewed.

Minimum: 0

Maximum: 64

domain_count

Integer

Number of domain names can be bound to a certificate.

Minimum: 1

Maximum: 100

wildcard_count

Integer

Number of wildcard domain names can be bound to a certificate.

Minimum: 0

Maximum: 100

description

String

Certificate description

Minimum: 0

Maximum: 255

domain_id

String

Account ID.

Minimum: 0

Maximum: 100

enterprise_project_id

String

Enterprise project ID. The default value is 0.

For users who have enabled the enterprise project function, this value indicates that resources are in the default enterprise project.

For users who have not enabled the enterprise project function, this value indicates that resources are not in the default enterprise project.

Minimum: 0

Maximum: 36

Status code: 401

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Error code returned for an error request.

Minimum: 3

Maximum: 36

error_msg

String

Error information returned for an error request.

Minimum: 0

Maximum: 1024

Status code: 403

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code returned for an error request.

Minimum: 3

Maximum: 36

error_msg

String

Error information returned for an error request.

Minimum: 0

Maximum: 1024

Status code: 500

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code returned for an error request.

Minimum: 3

Maximum: 36

error_msg

String

Error information returned for an error request.

Minimum: 0

Maximum: 1024

Example Requests

None

Example Responses

Status code: 200

Normal return.

{
  "certificates" : [ {
    "id" : "scs1554192131150",
    "name" : "test",
    "domain" : "www.zx.com",
    "sans" : "a.zx.com;b.zx.com",
    "type" : "OV_SSL_CERT",
    "deploy_support" : true,
    "signature_algorithm" : "SHA256WITHRSA",
    "brand" : "GEOTRUST",
    "expire_time" : "2021-05-27 16:46:25.0",
    "domain_type" : "MULTI_DOMAIN",
    "validity_period" : 12,
    "status" : "ISSUED",
    "domain_count" : 2,
    "wildcard_count" : 0,
    "description" : null
  } ],
  "total_count" : 1
}

Status code: 401

Authentication failed.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

Status code: 403

Access denied.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

Status code: 500

Failed to complete the request because of an internal server error.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

Status Codes

Status Code

Description

200

Normal return.

401

Authentication failed.

403

Access denied.

404

Access page not found.

500

Failed to complete the request because of an internal server error.

Error Codes

See Error Codes.