Error Codes & Data Definition
Apr 24, 2026
OVERVIEW: This page covers success and error codes both for Mark Certificates API client and server, as well as XML fields data type and data definitions. If you have any questions about any of the information provided in this document, please contact your Account Manager or our Support Team for assistance. For more Mark Certificate API guides, please refer to this page.
Success/Error Codes
| Code | Code Details | Description |
|---|---|---|
| 0 | Success | |
| -1 | Failure | The order/request has failed; please consult the Error Code list, as well as the error message in the XML response for remedial actions. |
| 1 | Warning | Indicates order has been flagged for High Risk/Phishing. The order is valid but will experience a delay in processing until the GlobalSign Vetting Team manually reviews and clears the order’s phishing flag. |
|
Success Code |
Error Code |
Title |
Description |
|
0 |
- |
Success |
Transaction was successful |
|
1 |
-5001 |
Phishing warning CN matched in phishing database |
The Common Name has expressions that match our Phishing/Keyword warning list. This order will be delayed until the vetting team can manually review the requested domain. You should receive an e-mail from the system to confirm this issue and another one when it has been cleared. Please have the domain name and OrderID available for our support team if you need immediate resolution. |
|
-1 |
-101 |
Invalid Parameter |
Invalid parameter entered. Please check that the parameters match the API specification. Please review the specific ErrorMessage returned in the XML response for parameter details and consult the XML Field definitions section of the applicable API document. |
|
-1 |
-102 |
An essential parameter is missing |
Mandatory parameter missing. Please check that the parameters match the API specification. Please review the specific ErrorMessage returned in the XML response for parameter details and consult the XML Field definitions section of the applicable API document. |
|
-1 |
-103 |
A parameter is too long |
Parameter length check error. Please check that the parameters match the API specification. Please review the specific ErrorMessage returned in the XML response for parameter details and consult the XML Field definitions section of the applicable API document. |
|
-1 |
-104 |
The format for a parameter is incorrect |
Parameter format check error. Please check that the parameters match the API specification. Please review the specific ErrorMessage returned in the XML response for parameter details and consult the XML Field definitions section of the applicable API document. |
|
-1 |
-105 |
Invalid Parameter |
Invalid parameter combination. Please check that the parameters match the API specification. |
|
-1 |
-109 |
Missing Parameter |
Some information is missing from your request (e.g. CSR missing Organization name), or there was an issue processing the request from GCC that may be resolved by retrying the request. |
|
-1 |
-3002 |
Domain not found in WHOIS database |
Unable to find approver emails for the domain name specified. Please make sure that your Domain Name is found in WHOIS database. |
|
-1 |
-3012 |
|
We have been unable to validate your domain through a Domain Name Search. If you have recently updated your DNS records, please try again in 24 hours to allow for propagation of the details and the issue to clear. To ensure there is no other issue you should check that your domain is registered via a PING request or alternative check. |
|
-1 |
-3013 |
|
We are currently experiencing issues in connecting to a DNS service to resolve your domain. If you have recently updated your DNS records, please try again in 24 hours to allow for propagation of the details and the issue to clear. To ensure there is no other issue you should check that your domain is registered via a PING request or alternative check. |
|
-1 |
-3019 |
|
We are currently experiencing issues in searching the DNS service to resolve your domain. If you have recently updated your DNS records, please try again in 24 hours to allow for propagation of the details and the issue to clear. To ensure there is no other issue you should check that your domain is registered via a PING request or alternative check. |
|
-1 |
-3022 |
|
We were unable to find the SOA Record of the DNS for {0}. Please make sure that the DNS has an SOA Record. |
|
-1 |
-3025 |
|
We were unable to get the DNS txt record for {0}. Check that you have edited the correct domain, and note that your changes may take several hours to propagate. |
|
-1 |
-3026 |
|
We were unable to find the DNS txt record for {0}. Check that you have edited the correct domain, and note that your changes may take several hours to propagate. |
|
-1 |
-4001 |
Login failure invalid user ID or password |
Login failure. UserName or Password is incorrect. Please make sure that you have specified the correct UserName and Password. |
|
-1 |
-4003 |
Specified OrderID/Voucher Number does not exist. |
The specified OrderID does not exist. Please make sure you supplied a valid OrderID. |
|
-1 |
-4004 |
OrderId has already been used |
The specified OrderID already exists. Please make sure you supplied a valid OrderID. |
|
-1 |
-4005 |
Your request has not been accepted due to a logical limitation. The notes describe the limitations that may be encountered for the request that was submitted. |
Your request has not been accepted because the status of the OrderID specified has already been changed. Please recheck the status of the OrderID specified. |
|
-1 |
-4006 |
Specified ProductCode is invalid. |
Specified ProductCode is not allowed for this API request. Please check that the ProductCode specified matches the API specifications for this request. |
|
-1 |
-4007 |
Specified CSR is invalid. |
Unable to process this request. It could be that the Common Name in your CSR does not match the Common Name in the original order, or the format of the Common Name is incorrect, or the Encryption type of your CSR is not RSA nor ECC, or the length of the Key of the CSR is insufficient. Please make sure that the CSR provided coincides with these conditions. |
|
-1 |
-4008 |
TargetCERT is expired or inaccessible |
Unable to process this request. It could be that the Common Name in the TargetCERT specified does not match the Common Name specified for this request or the TargetCERT is inaccessible on the Common Name by the GlobalSign system. Please review the contents and accessibility of the Common Name in the TargetCERT before proceeding with this request. |
|
-1 |
-4009 |
Specified ApproverEmail is invalid. |
Failed to confirm ApproverEmail. Please make sure that the ApproverEmail specified is within the ApproverEmail list that we provided when GetDVApproverList was used. |
|
-1 |
-4016 |
The certificate has been already reissued |
The certificate you are trying to reissue has already been reissued. You can reissue a certificate only once. Please specify a certificate that is valid for a reissue. |
|
-1 |
-4147 |
|
We were unable to verify the domain {0}. Please ensure: |
|
-1 |
-4148 |
|
We were unable to connect to the authentication URL during Onpage Authentication. Please make sure that the authentication URL is accessible publicly. |
|
-1 |
-4149 |
|
We were unable to find our verification meta tag on {0}. Please make sure that the meta tag we provided is is located in an approved location (See API specification for details). |
|
-1 |
-4150 |
|
We found the verification meta tag on {0}, but it does not match the tag associated with this order. Please make sure that the meta tag we provided is located in an approved location (See API specification for details). |
|
-1 |
-4151 |
|
We found the verification meta tag on {0}, but it does not match the tag associated with this order. Please make sure that the meta tag we provided is located in an approved location (See API specification for details). |
|
-1 |
-4169 |
|
We were unable to get the DNS Txt record for {0}. Please make sure that the DNS Txt we provided is added into your DNS and note that your changes may take several hours to propagate. |
|
-1 |
-4171 |
|
We found the DNS for {0}, but it does not match the one associated with this order. Please make sure that the DNS Txt we provided is added into your DNS and note that your changes may take several hours to propagate. |
|
-1 |
-4201 |
This IP Address is not registered for API access |
Your IP Address [0] is not within the range of IP addresses that is allowed for API use. Please contact GlobalSign support to have this address added for API access. |
|
-1 |
-6001 |
Failed to parse the CSR |
There was an error when trying to parse the supplied CSR. Please recheck the CSR used. |
|
-1 |
-6002 |
Specified certificate is invalid. |
There was an error when trying to parse the TargetCERT specified. Please make sure that the TargetCERT specified is correct. |
|
-1 |
-6007 |
The public key is already used. |
The Public Key of the CSR has been used previously. For security reasons we allow the keys to be used if they have the same CN. Please recheck the CSR and try again. |
|
-1 |
-6017 |
Maximum number of SANs options have been exceeded |
The number of SANEntry has exceeded the maximum allowed number of SANEntry. Please do not exceed the maximum allowed number of SANEntry. See the API specification for further information. |
|
-1 |
-6018 |
Specified SubjectAltName is invalid. |
There are duplicates in the SANs that you specified. Please make sure that each SubjectAltName is unique. |
|
-1 |
-6021 |
CN in CSR and FQDN are not same |
Common Name in CSR and FQDN for check do not match. Please make sure that the CSR has been entered correctly. |
|
-1 |
-6035 |
Validity Period Warning |
Due to recent CA/B Forum changes, reissuance past 27 months has been disabled. Please contact your account manager for more information. |
|
-1 |
-6101 |
Account Balance Error |
Your account does not have enough remaining balance to process this request. Please make sure you have enough remaining balance in your account before proceeding with this request. |
|
-1 |
-6102 |
Specified order cannot be a renewal. |
The renewal of the certificate failed. Please note that when renewing a certificate, the Common Name of the original certificate and this request must be the same. Please also check that the status of the original order is ISSUED and that the order has not been previously renewed. |
|
-1 |
-9025 |
|
Could not renew because you have no renewal authority. Please make sure that the RenewalTargetOrderID specified is associated with this user. |
|
-1 |
-9100 |
|
Unable to process this request. The following rules may have been violated by this ChangeSAN request: |
|
-1 |
-9101 |
Illegal SAN Option |
Unable to process this request because of an incorrect SANEntry. The SANEntry you specified may have violated one or more of the following rules: |
|
-1 |
-9110 |
|
We found no difference in the SANs you specified in this request from SANs of the original order. Please make sure that the SANs are different from your current certificate. |
|
-1 |
-9151 |
|
Unable to use ReissueWithoutCSR on a certificate that does not support AutoCSR. Please make sure that the certificate you are trying to ReIssueWithoutCSR supports AutoCSR. See the API specification for the list of features for each product, including AutoCST. |
|
-1 |
-9152 |
|
The format of the ApproverURL specified is incorrect. Please make sure that the format of the ApproverURL is correct and the same with the one we have provided. |
|
-1 |
-9200 |
|
The type of your user is not allowed to use this API. Please check your permission and retry. |
|
-1 |
-9901 |
|
The Product Group of this user does not allow ordering of the specified ProductCode. Please contact Globalsign Support if you wish to order using this ProductCode. |
|
-1 |
-9902 |
|
You do not have permission to access the OrderID specified. Please make sure that you have the proper permission to the order before continuing with this request. |
|
-1 |
-9911 |
|
There are insufficient funds in the account to complete the order process. Please verify that the account has sufficient funds and try again. |
|
-1 |
-9912 |
|
There are insufficient funds in the account to complete the order process. Please verify that the account has sufficient funds and try again. |
|
-1 |
-9913 |
|
We were unable to find the Coupon specified. Please make sure that it is correctly entered. |
|
-1 |
-9914 |
|
We were unable to find the Campaign specified. Please make sure that it is correctly entered. |
|
-1 |
-9915 |
|
The OrderID you are trying to modify has been cancelled previously. Please make sure that the OrderID is correctly entered. |
|
-1 |
-9916 |
|
We were not able to find the OrderID specified. Please make sure that the OrderID is correctly entered and existing. |
|
-1 |
-9918 |
|
The coupon or campaign you specified has expired. Please make sure that the coupon or campaign is correctly entered. |
|
-1 |
-9919 |
|
The coupon you specified has been previously used. Please make sure that the coupon is correctly entered. |
|
-1 |
-9920 |
|
The coupon or campaign you specified is not yet activated. Please make sure that the coupon or campaign is correctly entered. |
|
-1 |
-9922 |
|
The currency of the specified Coupon or Campaign is not the same with the currency of your user. Please make sure that the coupon or campaign is correctly entered. |
|
-1 |
-9925 |
|
The Common Name of your CSR or the FQDN you have entered does not match the type of BaseOption you provided. Please check your BaseOption matches the Common Name (e.g., Standard, Wildcard, PublicIP). |
|
-1 |
-9934 |
|
The Top Level Domain used belongs to Globalsign's Banned List, therefore, a certificate cannot be issued. Please make sure that Common Name is correctly entered. Contact support for more information. |
|
-1 |
-9936 |
|
The key you used in your CSR is either too short (RSA minimum 2048, ECC minimum 256), or the key failed the Debian weak key check as well as key length. Please generate a new keypair and try again. |
|
-1 |
-9938 |
|
The certificate you are trying to modify has already been modified. Please make sure that the OrderID is correctly entered. |
|
-1 |
-9939 |
|
The state of this account is either invalid, stopped or locked. Please make sure that the account is correctly configured. Contact customer support for assistance. |
|
-1 |
-9940 |
|
The specified NotBefore or NotAfter should not be before the current date/time. Please recheck these parameters before continuing with this request. |
|
-1 |
-9940 |
|
The public key used in the CSR has been previously revoked. Please generate a new CSR and try again. |
|
-1 |
-9941 |
|
We are unable to find the associated partner account from the specified CorporateID. Please make sure that the CorporateID is correctly entered. |
|
-1 |
-9945 |
|
Cannot find the balance information that is associated with the CorporateId you have supplied. Please recheck the CorporateID specified then try again. |
|
-1 |
-9946 |
|
Your user does not have access to the CorporateID specified. Please make sure that the CorporateID is correctly inputted. |
|
-1 |
-9947 |
|
The ProductCode of the OrderID specified is not supported for URLVerificationForIssue. Please make sure that the OrderID is correctly inputted. |
|
-1 |
-9948 |
|
AutoCSR method has been discontinued for Partner users. Please make sure that you are not using a Partner account. |
|
-1 |
-9949 |
|
The NotAfter specified is after the calculated BaseLine Validity Limit. Please take note that validity should not exceed 397 days. |
|
-1 |
-9952 |
|
The Top Level Domain you specified is not supported. Please make sure that Common Name is correctly entered. |
|
-1 |
-9953 |
|
Cannot complete this request because the region or country of your Domain is not permitted. Please make sure that Common Name is correctly entered. |
|
-1 |
-9961 |
|
The ECC CSR key type you used is not allowed. Please enter an ECC CSR using either P-256 or P-384 curves. |
|
-1 |
-9962 |
|
Key Compression is not allowed. Please make sure that CSR is correctly entered. |
|
-1 |
-9969 |
|
Due to industry requirements, you can no longer reissue certificates with internal server names. Please delete internal server name SANs and try again. |
|
-1 |
-9971 |
|
Due to industry requirements, you can no longer issue certificates with internal server names in Common Name. Please update the Common Name. |
|
-1 |
-9991 |
Product code if OrderID is not OV or EV |
This API method supports only Organization SSL and EV SSL orders. Please make sure that you have specified the correct OrderID and calling correct method for the OrderID. |
|
-1 |
-9992 |
OrderID is created with old module that does not support this feature. |
This OrderID was created before this new API feature was built, so you are not able to use the API to manage SANs for this order. Our vetting agent will review your domain and contact you if necessary. |
|
-1 |
-9997 |
when VettingType is not EMAIL - must be null |
The ApproverEmail must not be specified for the VettingType. |
|
-1 |
-9998 |
Value of TagLocation is not correct for VettingType. (HTTP) |
The TagLocation is empty or cannot be used by the VettingType. |
|
-1 |
-9999 |
Value of TagLocation is not correct for VettingType. (DNS) |
The TagLocation is empty or cannot be used by the VettingType. |
|
-1 |
-10000 |
Value of TagLocation is not correct for VettingType. (EMAIL) |
The TagLocation is empty or cannot be used by the VettingType. |
|
-1 |
-10001 |
When VettingType is EMAIL - must belong to the list of possible email addresses given by RA |
The ApprovalEmail is empty or cannot be used to verify SAN. Please refer to the API documentation for details on email addresses that can be used to verify SAN. |
|
-1 |
-10002 |
SAN is not in OrderID (User mistook OrderID or SAN) |
The SAN does not exist in the OrderID. Please make sure that you have specified the correct OrderID and SAN. |
|
-1 |
-10003 |
HTTP/DNS verification is tried after DVC is expired. |
The DVC for this order has expired. To continue verifying domains you must obtain a new DVC or, if you do not want to continue with this order, you may cancel it. Please use this new DVC for all future verification attempts, including currently pending verification. |
|
-1 |
-10028 |
Cannot revoke certificate |
Revocation of TLS certificates is now performed by GlobalSign validation agents. Please see this page for more info: https://support.globalsign.com/ssl/ssl-certificates-life-cycle/revocation-certificate |
|
-1 |
-101 |
VettingType must be EMAIL, DNS or HTTP EMAIL_CONSTRUCTED and EMAIL_WHOIS should not be specified by user. |
Invalid parameter entered. Please check that the parameters match the API specification. Please review the specific ErrorMessage returned in the XML response for parameter details and consult the XML Field definitions section of the applicable API document. |
|
Success Code |
Error Code |
Title |
Description |
|
-1 |
-1 |
Internal system error |
The system has experienced an internal error. Cross-reference the appropriate API request action with the API Spec. Please try to do what you were doing again, and if the problem persists, please report this error code to GlobalSign Support. |
|
-1 |
-201 |
Internal system error - Failed database operation |
System Error. (Database error - database operation). Please retry and if the issue persists contact support with detailed information concerning the issue. |
|
-1 |
-301 |
Internal system error - Failed database operation |
System Error. (Database error - database operation). Please retry and if the issue persists contact support with detailed information concerning the issue. |
XML Fields Definitions
Data Type
|
DataType |
Description |
|---|---|
|
String |
Fixed-length character string |
|
Boolean |
Logical Boolean (true/false) |
|
Int |
Signed four-byte integer |
|
DateTime |
YYYY-MM-DDTHH:MM:SS.000Z |
Data Definitions
Table below lists all the definitions of the structure use in the API Specifications.
|
XML Structure |
Description |
Type/Length |
|
<CertificateStatus> |
The current status of a certificate. 1 INITIAL 2 Waiting for phishing check 3 Cancelled - Not Issued 4 Issue completed 6 Waiting for revocation 7 Revoked |
Int |
|
<CommonName> |
The common name in certificate. |
String/255 |
|
<CSRData> <CommonName> <Organization> <OrganizationUnit> <Locality> <State> <Country> <EmailAddress> </CSRData> |
Basic information on a certificate’s CSR. |
|
|
<CSRSkipOrderFlag> |
|
Boolean |
|
<City> |
Part of the Address structure. |
String/200 |
|
<ContactInfo> <FirstName> <LastName> <Phone> <Email> </ContactInfo> |
Primary Contact Information of for a certificate request. |
|
|
<Country> |
Part of the Organization Address structure. The Country of the Organization. Must be a valid ISO country code. |
String/2 |
|
<Coupon> |
Coupons can be used for payment. |
String/50 |
|
<CreditAgency> |
The Organizations name. 1 DUNS No. 2 TDB code |
String/50 |
|
<Currency> |
The Currency of the transaction. |
String/10 |
|
<CSR> |
Certificate Signing Request. This is the Base64 encoded X.509 digital certificate signing request typically generated by the end user on their target web server. This is a critical element for all SSL orders. |
String/4000 |
|
<DNSOrderFlag> |
|
Boolean |
|
<DNSNames> |
Contains one or more DNSName values to be put into the certificate SubjectAltName extension. Each can be up to 64 characters. Values are comma delimited. Each DNSName may only contain alphanumeric values, plus dash and under bar – No periods. |
String/300 |
|
<DomainName> |
The domain name for an Order. For an SSL Order this can be a fully qualified Domain (e.g., www.globasign.com) or possibly a wildcard domain (e.g., *.globalsign.com. |
String/255 |
|
<EndDate> |
Expired date of certificate. |
DateTime |
|
<Email> |
From the ContactInfo structure. The Email Address of the contact. |
String/255 |
|
<Error> <ErrorCode> (<ErrorField>)? <ErrorMessage> </Error> |
A structure that contains an ErrorCode and an ErrorMessage. Error is part of the Errors structure. |
|
|
<ErrorCode> |
A unique code identifying the error. |
Int |
|
<ErrorField> |
When there is a specific field that has caused the error, the XML tag for that field is placed in this structure. Where the tag is not unique in the entire message, one or more tags precede this so this field can be uniquely identified. For example, if the <Phone> field was invalid in the <AdminContact> structure, the return code would have <AdminContact><Phone>. |
String/1000 |
|
<ErrorMessage> |
A message describing an error in more detail. ErrorMessage is a part of the Error Structure. |
String/1000 |
|
<Errors> (<Error> <ErrorCode> (<ErrorField>)? <ErrorMessage> </Error>)+ </Errors> |
A list of the errors returned from a request. An Errors structure can have multiple Error elements. Errors is a part of the OrderResponseHeader structure. If present, this structure contains one or more errors. |
|
|
<ErrorCode> |
|
Int |
|
<ErrorField> |
|
String/1000 |
|
<ErrorMessage> |
|
String/1000 |
|
(<ExpressOption>)? |
To add Express Options set to true. If not false. |
Boolean |
|
<Fax> |
From the OrganizationAddress structure. The Fax number for the organization. |
String/30 |
|
<FirstName> |
From one of the Contact structures. The First Name of the contact. |
String/100 |
|
<FQDN> |
Fully Qualified Domain Name. |
String/255 |
|
<FromDate> |
The starting date used in various queries. |
DateTime |
|
<Fulfillment> <CACertificates> (<CACertificate> <CACertType> <CACert> </CACertificate>)+ </CACertificates>? (<ServerCertificate> <x509Cert> <PKCS7Cert> <ServerCertificate>)? </Fulfillment> |
Contains the CA certificate(s) and/or the ServerCertificate (in x509 and/or PKCS7 formats). |
|
|
<Function> |
Requestor job function. |
String/255 |
|
<GSSupportOption> |
To add GS Support set to true. If not false. |
Boolean |
|
<IncorporatingAgencyRegistrationNumber> |
|
String/100 |
|
<InsuranceOption> |
To add Insurance Options set to true. If not false. |
Boolean |
|
<IsValidDomainName> |
Returns true if the domain name is valid for a certificate orders. |
Boolean |
|
<JurisdictionInfo> < JurisdictionCountry> (<StateOrProvince>)? (<Locality>)? <IncorporatingAgencyRegistrationNumber> </JurisdictionInfo> |
Jurisdiction of Incorporation Details. |
|
|
<KeyLength> |
|
String/4 |
|
<LastName> |
From one of the Contact structures. The Last Name of the contact. |
String/100 |
|
<Licenses> |
This is the Number of Licenses. |
Int 1-99 Only |
|
<Locality> |
The Locality field from the CSR or Certificate. |
String/255 |
|
<ModificationEvent> |
One event in the set of ModificationEvents. |
|
|
<ModificationEventName> |
The name of the event. |
String/50 |
|
<ModificationEvents> (<ModificationEvent> <ModificationEventName> <ModificationEventTimestamp> </ModificationEvent>)+ </ModificationEvents> |
The set of events for the order that caused the status to be changed within the specified time period. This is contained in OrderDetail. Used only in GetModifiedOrders. |
|
|
<ModificationEventTimestamp> |
The time of the event. |
DateTime |
|
<ModifyOrderOperation> |
Specifies the operation to be performed on the order or certificate: APPROVE CANCEL REVOKE |
String/20 |
|
<Months> |
The number of months that a certificate will be valid for. |
Int/4 |
|
<NotAfter> |
|
DateTime |
|
<NotBefore> |
|
DateTime |
|
<OrderDate> |
The date the order was created. |
DateTime |
|
<OrderDetail> <OrderInfo> (<OrderOption>)? (<CertificateInfo>)? (Fulfillment>? (<ModificationEvents>)? </OrderDetail> |
OrderDetail is returned in many Order Query operations. The specific content is dependent on the values in the request. ModificationEvents is only returned in GetModifiedOrders. |
|
|
<OrderKind> |
Type of order: new: a new request renewal: renewal of current certificate transfer: a commercial upgrade of a current valid certificate. |
String/10 |
|
<OrderID> |
This is the OrderID assigned by GlobalSign to the order and provided to the person requesting the certificate. |
String/50 |
|
<OrderInfo> <OrderID> <ProductCode> (<BaseOption>)? <OrderKind> <Licenses> (<ExpressOption>)? (<ValidityPeriodCustomizeOption>)? (<InsuranceOption>)? (<GSSupportOption>)? (<RenewalExtentionOption>)? <DomainName> <OrderDate> (<OrderCompleteDate>)? (<OrderCanceledDate>)? (<OrderDeactivatedDate>)? <OrderStatus> <Price> <Currency> <ValidityPeriod> <Months> (<NotBefore>)? (<NotAfter>)? </ValidityPeriod> (<SpecialInstructions>)? </OrderInfo> |
This structure contains basic information that applies to most orders and is profiled within each order response structure. |
|
|
<OrderOption> <ApproverNotifiedDate>? <ApproverConfirmDate>? <ApproverEmailAddress>? <OrganizationInfo> <OrganizationName> (<CreditAgency>)? (<OrganizationCode>)? <OrganizationAddress> <AddressLine1> (<AddressLine2>)? (<AddressLine3>)? <City> <Region> <PostalCode> <Country> <Phone> (<Fax>)? </OrganizationAddress> </OrganizationInfo> (<ContactInfo> <FirstName> <LastName> <Phone> <Email> </ContactInfo>)? </OrderOption> |
This structure is in many order request messages and contains basic order information common to all types of orders. |
|
|
<OrderParameter> <ProductCode> (<BaseOption>)? <OrderKind> <Licenses> (<ExpressOption>)? (<ValidityPeriodCustomizeOption>)? (<InsuranceOption>)? (<GSSupportOption>)? (<RenewalExtentionOption>)? <ValidityPeriod> <Months> (<NotBefore>)? (<NotAfter>)? </ValidityPeriod> <CSR> (<RenewalTargetOrderID)? (<TargetCERT>)? (<DNSNames>)? (<SpecialInstructions>)? (<Coupon>)? (<Campaign>)? </OrderParameter> |
This structure is part of the order validation and order processes. It includes all details relating to the order and the CSR for parsing. |
|
|
<OrderParameterWithoutCSR> <ProductCode> (<BaseOption>)? <OrderKind> <Licenses> (<ExpressOption>)? (<ValidityPeriodCustomizeOption>)? (<InsuranceOption>)? (<GSSupportOption>)? (<RenewalExtentionOption>)? <ValidityPeriod> <Months> (<NotBefore>)? (<NotAfter>)? </ValidityPeriod> <PIN> <KeyLength> (<RenewalTargetOrderID)? (<TargetCERT>)? (<DNSNames>)? (<SpecialInstructions>)? (<Coupon>)? (<Campaign>)? </OrderParameterWithoutCSR> |
This structure is part of the order validation and order processes. It includes all details relating to the order without a CSR. |
|
|
<OrderQueryOption> (<OrderStatus>?) (<ReturnOrderOption>?) (<ReturnCertificateInfo>?) (<ReturnFulfillment>?) (<ReturnCACerts>?) </OrderQueryOption> |
Specifies what is returned in the response message. All values default to false if not supplied so the corresponding data structure will not appear in the response. |
|
|
<OrderRequestHeader> <AuthToken> <UserName> <Password> </AuthToken> </OrderRequestHeader> |
The OrderRequestHeader is used in all of the order operations. |
|
|
<OrderResponseHeader> <SuccessCode> (<Errors> (<Error> <ErrorCode> (<ErrorField>)? <ErrorMessage> </Error>)+ </Errors>)* <Timestamp> </OrderResponseHeader> |
This is the header returned in all Order operations. |
|
|
<OrderStatus>
|
The current status of an Order: 1 INITIAL 2 Waiting for phishing check 3 Cancelled - Not Issued 4 Issue completed 5 Cancelled - Issued 6 Waiting for revocation 7 Revoked |
Int |
|
<OrderSubInfo> |
|
|
|
<Organization> |
The Organization field from the certificate. |
String/255 |
|
<OrganizationCode> |
Can be used to indicate company numbers lookup e.g. For DUNS enter 1 in this field. |
String/50 |
|
<OrganizationInfo> <OrganizationName> (<CreditAgency>)? (<OrganizationCode>)? <OrganizationAddress> <AddressLine1> (<AddressLine2>)? (<AddressLine3>)? <City> <Region> <PostalCode> <Country> <Phone> <Fax>? </OrganizationAddress> </OrganizationInfo> |
Organization Info sent with Certificate request. |
|
|
(<CreditAgency>)? (<OrganizationCode>)? (<BusinessAssumedName>)? <BusinessCategoryCode> <OrganizationAddress> (<AddressLine1>)? (<AddressLine2>)? (<AddressLine3>)? <City> <Region> <PostalCode> <Country> <Phone> (<Fax>)? </OrganizationAddress> </OrganizationInfoEV> |
Organization Info sent with Certificate request. |
|
|
<OrganizationName> |
The name of the Organization applying for a certificate. |
String/255 |
|
<OrganizationUnit> |
The OrganizationalUnit name from the CSR. |
String/255 |
|
<OVCSRInfo> <OrganizationName> (<OrganizationUnit>)? <Locality> <StateOrProvince> <Country> </OVCSRInfo> |
Info to be used in the creation of the Certificate. |
|
|
(<ParsedCSR> <DomainName> <Country> <Email> <Locality> <Organization> <OrganizationUnit> <State> <IsValidDomainName> </ParsedCSR>)? |
Details from the CSR. |
|
|
<Password> |
Required for user authentication over the API. |
String/30 |
|
<Phone> |
From one of the Contact or OrganizationAddress structures. |
String/30 |
|
<P12DeleteDate> |
|
DateTime |
|
<P12DeleteStatus> |
|
Int |
|
<PKCS12File> |
A bese64-encoded PKCS#12 |
String/4000 |
|
<PKCS7Cert> |
A Base64-encoded PKCS#7 |
String/20000 |
|
<PostalCode> |
From the Address structure. The Postal Code (e.g., Zip Code in the U.S.) for the Address. |
String/20 |
|
<ProductCode> |
A code for the product that a particular request relates to. Note that a partner must have a valid contract for a product code for it to be valid in a request. Also, a product code must be valid for the context of the request. |
String/20 |
|
<QueryRequestHeader> <AuthToken> <UserName> <Password> </AuthToken> </QueryRequestHeader> |
The header on all Query Request operations. |
|
|
<QueryResponseHeader> |
|
|
|
<Region> |
Region, state/prov
From the Address structure. This is the region of the address such as state or province. If this is a U.S. state it must have a valid 2 character abbreviation. |
String/255 |
|
<RenewalExtentionOption>> |
To add bonus to validity period set to true. If not false. |
Boolean |
|
<ReOrderParameter> |
|
|
|
<ReOrderParameterWithoutCSR> |
|
|
|
<RenewalTargetOrderID> |
Original OrderID for renewal orders. |
String/50 |
|
<RequestorInfo> <FirstName> <LastName> (<Function>)? <OrganizationName> (<OrganizationUnit>)? <Phone> <Email> </RequestorInfo> |
A Certificate Requester is a natural person who is Applicant, employed by Applicant, or an authorized agent who has express authority to represent Applicant or a third party (such as an ISP or hosting company) that completes and submits a Certificate Request on behalf of Applicant. |
|
|
<ResendEmailType> |
Current values are:
ApproverEmail – resend the approver email for any QuickSSL order. |
String/20 |
|
<ReturnCACerts> |
If set to true in the request message, the CACerts structure is populated in the Fulfillment structure of the response message. |
Boolean |
|
<ReturnCertificateInfo> |
If set to true in the request message, the CertificateInfo structure appears in the response message. |
Boolean |
|
<ReturnCount> |
The number of items returned in the message. |
Int |
|
<ReturnFulfillment> |
If set to true in the request message, the Fulfillment structure appears in the response message. |
Boolean |
|
<ReturnOrderOption> |
In the response, product information will be in details if set to true. |
Boolean |
|
<SearchOrderDetail> |
|
|
|
<SecondContactInfo> |
Secondary contact for this order. |
|
|
<SerialNumber> |
The serial number of a certificate specified as a hex string. |
String/64 |
|
<ServerCertificate> |
|
|
|
<SpecialInstructions> |
Special Instructions for the order. |
String/4000 |
|
<StartDate> |
Start date of certificate. |
DateTime |
|
<State> |
The value of the State in the ParseCSRResponse. |
String/255 |
|
<StateOrProvince> |
|
String/255 |
|
<SubjectName> |
The SubjectName in certificate. |
String/255 |
|
<SuccessCode> |
Code in the Order and Query Response Headers which indicates the success or failure of the request: A zero SuccessCode indicates a success with no warnings. A positive SuccessCode indicates a success with warnings. A negative SuccessCode indicates a failure. Note that if the Success in non-zero an accompanying Errors structure will be present. |
Int |
|
<TargetCERT> |
The base64-encoded certificate you are transferring from. |
String/4000 |
|
<TargetOrderID> |
|
String/50 |
|
<Timestamp> |
A date timestamp used in a variety of contexts. Note that the XML format is: YYYY-MM-DDTHH:MM:SS.000Z (for example, 2001-01-01T24:00:00:000Z is for Jan 1, 2001 at midnight). |
DateTime |
|
<TrustedOrderFlag> |
|
Boolean |
|
<UserName> |
Required for user authentication. |
String/30 |
|
<ValidityPeriod> <Months> (<NotBefore>)? (<NotAfter>)? </ValidityPeriod> |
The number of months that a certificate or site seal will be valid for. Please set it to 12. |
|
|
<ValidityPeriodCustomizeOption> |
To customize the validity period set to true. If not false. |
Boolean |
|
<VerificationUrl> |
An allowable URL which the metatag for URLVerification can occur on. |
String/300 |
|
<VerificationFQDN> |
An allowable FQDN which the DNS txt record for DNS Verification can occur on. |
String/300 |
|
<MarkInfo> <SvgLogoBase64> <MarkLicenseExpiryDate> YYYY-MM-DD <TrademarkIdentifier> <TrademarkCountryOrRegionName> <TrademarkOfficeName> <StatuteCitation> <StatuteLocalityName> <StatuteStateOrProvinceName> <StatuteCountryName> <PriorUseMarkSourceURL> <DnAttributes> <CommonNameSAN> <Organization> <Locality> <StateOrProvince> <Country> </DnAttributes> </MarkInfo> |
This structure is a part of Mark Certificates request For understanding the values that needs to be provided to these tags please read the explanations below: Also Example Sample requests are provided in Section 4.1.1 onwards.
<SvgLogoBase64> - For all mark types Please provide the base64 file of the SVG you want to use in your certificate.
<MarkLicenseExpiryDate> - For VMC and MMC only YYYY-MM-DD Please input the date of the license expiry of your Trademark.
<TrademarkIdentifier> - For VMC and MMC only Please enter the trademark license identifier/unique license number.
<TrademarkCountryOrRegionName> - For VMC and MMC only Enter the Two Digit Country code.
<TrademarkOfficeName> - For VMC and MMC only Select the trademark office where your trademark logo is registered.
<StatuteCitation> - For GMC only If you have some reference link that you can provide for the reference that can help us identify the legal status of the logo being used i.e. some legal statue reference or article. If not sure, leave it blank.
<StatuteLocalityName> - For GMC only Enter the locality name
<StatuteStateOrProvinceName> - For GMC only Enter the state or province name
<StatuteCountryName> - For GMC only
Enter the country name
<PriorUseMarkSourceURL> - For CMC only.
If you are sure of the archive URL of the logo display from past 12 months then please enter it here.
<CommonNameSAN> - For alL Mark Type Please enter your domain name like example.com
<Organization> Enter the organization name.
<Locality> Enter the locality name
<Country> Enter the country name
|
|
|
<Request> <QueryRequestHeader> <AuthToken> <UserName> 30 String <Password> 30 String </AuthToken> </QueryRequestHeader> <SvgLogoBase64> String </Request >
|
This structure is the part of the validate logo request. You can use this to check any problem or issues with your provided SVG File. Under <SvgLogoBase64> Please provide the SVG file in Base64 format only. |
|
|
<X509Cert> |
A base64-encoded certificate. |
String/4000 |
SSL Configuration Test
Check your certificate installation for SSL issues and vulnerabilities.