SSL Certificate API
The SSL Certificate API supports enrolling new certificate requests, renewing existing certificates and collecting certificates. See the SSL Certificate API documentation for details.
SMIME Enroll API
Allows the Administrator to get Activity Log Report, Client Certificates Report, SSL Certificates Report, Discovery Scan Log Report, Discovery Scan Detail Report and the Latest Discovery Scan Log Report.
Note: The Reporting API is only available for use by MRAOs.
Email support for the API is available at firstname.lastname@example.org, Monday through Friday, 4 AM - 8 PM Eastern Time. See the Certificate Service support page for a detailed listing of all support options. You may need to also copy your request to email@example.com; see 'Known Issues' below.
Frequently Asked Questions
Q: In section 2.3 of http://www.incommon.org/cert/repository/InCommon_CM_SSL_Web_Service_API.pdf
it says that I need the "orgId" in order to use the enrollment SOAP call.
How do I find the the orgId for out institution? The instructions in the
above document say "Can be obtained from Admin UI - Organization
properties "SSL Cert" tab", but this was not much help: I could not see
the organization id anywhere in our certificate manager.
A: Go to Settings - Orgs, click Departments
Select the department to provision through, click edit,
go to SSL tab, enable the web API check box and assign a secret key,
The ID will appear next to the secret key text box.
The SSL and Client APIs share a common set of status codes. If you stumble onto an undocumented status code or error condition, please file a bug with Comodo. It would benefit other API users if you also documented your experiences here on this wiki page.
TODO: Add a link to the Bug tracking system.
Basic information about the possible error codes is provided in the Comodo API documentation but some of the error codes can have multiple causes. Additional anecdotal details may be provided here as a community reference.
- -14 = An unknown error occurred! Check that the customerLoginUri parameter of your authData object is set to 'InCommon'.
- -32 = The two phrase should be the same! Check your revocation phrase ('phrase' parameter). It appears that it cannot be left as empty string.
- -37 - (Undocumented). This has been confirmed to be a bug by Comodo support. See 'Known Issues', below.
- As of 4/18 firstname.lastname@example.org does not yet issue a support ticket when emailed. email@example.com have been helpful in answering questions in the meantime.
- Parts of the API documentation are out of date.
- The API documentation lists a SSLCollectResponse.getStatusCode() function. This function was removed in the latest release. Use the SSLCollectResponse.statusCode integer attribute instead.
InCommon maintains an email list, firstname.lastname@example.org, as a place for community members to share experiences, discuss possible system enhancements, and see how other campuses handle various issues and tasks. We encourage you to join this list. To do so, send an email to email@example.com with the following in the subject line: sub inc-cert FirstName LastName.