You can find our user documentation at docs.cpanel.net.

Check out our new API beta site!

Child pages
  • UAPI Functions - SSL::generate_csr
Skip to end of metadata
Go to start of metadata

Description

This function generates a certificate signing request (CSR).

Note:

This function requires a valid key in the account's ssl directory. You can generate a key with UAPI's SSL::generate_key function.

Important:

In cPanel & WHM version 84 and later, when you disable the Calendars and Contacts, Receive MailWeb DiskWebmail, and Web Server roles, the system disables this function.

Examples 


 cPanel or Webmail Session URL
https://hostname.example.com:2083/cpsess##########/execute/SSL/generate_csr?domains=example.com&pass=12345luggage&countryName=US&stateOrProvinceName=Texas&localityName=Houston&organizationName=Organization&organizationalUnitName=Department&emailAddress=user%40example.com&key_id=example_com_a74f7_9dddf_1446659822_eae1ff43c4ec1991e195877c55755eff&friendly_name=TestCSR


Note:

This example calls the UAPI function via a cPanel session. For more information, read our Guide to UAPI documentation. 

 LiveAPI PHP Class
$cpanel = new CPANEL(); // Connect to cPanel - only do this once.
 
// Generate a certificate signing request for the example.com site.
$SSL_generate_csr = $cpanel->uapi(
    'SSL', 'generate_csr',    array(
           'key_id'                  => 'example_com_a74f7_9dddf_1446659822_eae1ff43c4ec1991e195877c55755eff',
           'pass'                    => '12345luggage',
           'domains'                 => 'example.com',
           'countryName'             => 'US',
           'stateOrProvinceName'     => 'Texas',
           'localityName'            => 'Houston',
           'organizationName'        => 'Organization',
           'organizationalUnitName'  => 'Department',
           'emailAddress'            => 'user@example.com',
           'friendly_name'           => 'TestCert',
 )
);


Note:

For more information, read our Guide to the LiveAPI System.

 LiveAPI Perl Module
my $cpliveapi = Cpanel::LiveAPI->new(); # Connect to cPanel - only do this once.
 
# Generate a certificate signing request for the example.com site.
my $SSL_generate_csr = $cpliveapi->uapi(
    'SSL', 'generate_csr',    {
           'key_id'                  => 'example_com_a74f7_9dddf_1446659822_eae1ff43c4ec1991e195877c55755eff',
           'pass'                    => '12345luggage',
           'domains'                 => 'example.com',
           'countryName'             => 'US',
           'stateOrProvinceName'     => 'Texas',
           'localityName'            => 'Houston',
           'organizationName'        => 'Organization',
           'organizationalUnitName'  => 'Department',
           'emailAddress'            => 'user@example.com',
           'friendly_name'           => 'TestCert',
    }
);


Note:

For more information, read our Guide to the LiveAPI System.

 Command Line
uapi --user=username SSL generate_csr domains=example.com pass=12345luggage countryName=US stateOrProvinceName=Texas localityName=Houston organizationName=Organization organizationalUnitName=Department emailAddress=user%40example.com key_id=example_com_a74f7_9dddf_1446659822_eae1ff43c4ec1991e195877c55755eff friendly_name=TestCSR


Notes:

  • You must URI-encode values.
  • username represents your account-level username.
  • For more information and additional output options, read our Guide to UAPI documentation or run the uapi --help command. 
  • If you run CloudLinux™, you must use the full path of the uapi command:

    /usr/local/cpanel/bin/uapi


 Output (JSON)
{
	"data": {
		"commonName": "example.com",
		"created": "1366386445",
		"domains": [
			"example.com"
		],
		"friendly_name": "example.com",
        "key_algorithm": "rsaEncryption",
		"ecdsa_curve_name": null,
        "ecdsa_public": null,
		"id": "example_com_bbe7e_16e2d_a626d1b34b62cefb13076a25b6831ca5",
		"modulus": "THE MODULUS",
		"text": "-----BEGIN CERTIFICATE REQUEST-----MIIC3TCCAcUCAQAwgZcxFDASBgNVBAMMC2V4YW1wbGUuY29tMRYwFAYDVQQLDA1Eb2N1bWVudGF0aW9uMQswCQYDVQQGEwJVUzEiMCAGCSqGSIb3DQEJARYTbGF1cmVuY2VAY3BhbmVsLm5ldDEUMBIGA1UECgwLY1BhbmVsIEluYy4xDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp092NvpqyT7mg2qDqZW1XetQGeo217o9r7AOONaTrNsMgbL/d31rQzpCD65SPxJ/NSpovMi48tbue3A5W6+r2CN62oFk/d34N2swN1w11NTLzOfTPQgGnBe0CRdqNonx68l8Cwj+auRMGakqxtaESOfx0T87Ngr/1CIqUbTzU0LembWh+1VI5Djy2CRmRWKkSAAu7X/OJN7cfcPh7ReZc9Ha6VmzNxbutBDRcnCJVOAGMsv2Cg4mQZhgyMC8KF1r/ktHneDdGJdypdrmdr0qkqzMwTaYIb6M/93Yp+bswGH4oyqa4GYeTpRu2OOCeydxONOnYRZWfL0SnL2Gnvnd3wIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAFlolzJbcviWcdZUv+PJ7G8cAqFAxa8a3W2a0Y1U0BaMrpDfuOHpQgOtO62rr+i+hkrIReuk7Isyl6GoZkX17KhQ1Vo9aW8a8Ur7+0RGDbxRlK9jJWnvSFn6cMMqRSfADXpptxhqBFZJIZMc3pPX9Jqycuu8bxeIvUKeSMe3Jxcl1ZXEXX47FeRZxvd+WXF94Xu4KZXHdzb5tB6jPhzIaN0/3d92N/KhvCcnw3YC2fEGDkpOlZaoa7O72+aq5K3bM1htFv9deAHqIHefV41iOrxUCIKIhdPIjvAm774lDHLzPpJVrshO/NpA74LEkny5FMwKKx+6Jgx1HSWucn5kWek=-----END CERTIFICATE REQUEST-----\n"
	},
	"errors": null,
	"messages": [
		"Certificate Signing Request generated!"
	],
	"status": 1
}


Note:

Use cPanel's API Shell interface (cPanel >> Home >> Advanced >> API Shell) to directly test cPanel API calls.

Parameters

ParameterTypeDescriptionPossible valuesExample
domainsstring

Required

The domain(s) for which to generate the certificate.

A valid string.

Note:

If there is more than one domain, this parameter must be a comma-separated list.

example.com
countryNamestring

Required

The two-letter country code.

A valid two-letter ISO-3166 country code.US
stateOrProvinceNamestring

Required

The state's or locality's full name.

A valid string.Texas
localityNamestring

Required

The certificate's city name.

A valid string.Houston
organizationNamestring

Required

The certificate's organization.

A valid string.Organization
organizationalUnitNamestring

The certificate's organizational unit or department name.

This parameter defaults to an empty string.

A valid string.Department
emailAddressstring

A valid email address to associate with the certificate.

This parameter defaults to an empty string.

A valid email address.user@example.com
key_idstring

Required

The key's ID.

A valid string.
 Click to view...
example_com_cb497_a394d_1397249671_d1272da8f13a1fd837493a5ad1f0a0f3
friendly_namestring

A friendly name for the new certificate.

This parameter defaults to the domain name for which you generated the certificate.

A valid string.TestCert

Returns

ReturnTypeDescriptionPossible valuesExample
modulusstringThe CSR's key's modulus, in hexadecimal format.
  • A valid string.
  • null — The certificate's key is not an RSA key.

Note:

We added the null value in cPanel & WHM version 92.

 Click to view...
a74f7636fa6ac93ee6836a83a995b55deb5019ea36d7ba3dafb00e38d693acdb0c81b2ff777d6b433a420fae523f127f352a68bcc8b8f2d6ee7b70395bafabd8237ada8164fdddf8376b30375c35d4d4cbcce7d33d08069c17b409176a3689f1ebc97c0b08fe6ae44c19a92ac6d68448e7f1d13f3b360affd4222a51b4f35342de99b5a1fb5548e438f2d824664562a448002eed7fce24dedc7dc3e1ed179973d1dae959b33716eeb410d172708954e00632cbf60a0e26419860c8c0bc285d6bfe4b479de0dd189772a5dae676bd2a92acccc1369821be8cffddd8a7e6ecc061f8a32a9ae0661e4e946ed8e3827b277138d3a76116567cbd129cbd869ef9dddf
createdstringWhen the CSR was created.A valid date in Unix time format.
1366386445
domainsArray of stringsThe domains that the CSR covers.An array of valid domain or domains.
example.com
commonNamestringThe name that issued the CSR.Usually, a valid domain.
example.com
friendly_namestringThe CSR's friendly name.A valid string.
TestCSR
idstringThe CSR's ID.A valid string.
 Click to view...
example_com_a74f7_9dddf_1446659822_eae1ff43c4ec1991e195877c55755eff
textstringThe CSR's text.A valid CSR.
 Click to view...
-----BEGIN CERTIFICATE REQUEST-----
MIIC3TCCAcUCAQAwgZcxFDASBgNVBAMMC2V4YW1wbGUuY29tMRYwFAYDVQQLDA1E
b2N1bWVudGF0aW9uMQswCQYDVQQGEwJVUzEiMCAGCSqGSIb3DQEJARYTbGF1cmVu
Y2VAY3BhbmVsLm5ldDEUMBIGA1UECgwLY1BhbmVsIEluYy4xDjAMBgNVBAgMBVRl
eGFzMRAwDgYDVQQHDAdIb3VzdG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp092NvpqyT7mg2qDqZW1XetQGeo217o9r7AOONaTrNsMgbL/d31rQzpC
D65SPxJ/NSpovMi48tbue3A5W6+r2CN62oFk/d34N2swN1w11NTLzOfTPQgGnBe0
CRdqNonx68l8Cwj+auRMGakqxtaESOfx0T87Ngr/1CIqUbTzU0LembWh+1VI5Djy
2CRmRWKkSAAu7X/OJN7cfcPh7ReZc9Ha6VmzNxbutBDRcnCJVOAGMsv2Cg4mQZhg
yMC8KF1r/ktHneDdGJdypdrmdr0qkqzMwTaYIb6M/93Yp+bswGH4oyqa4GYeTpRu
2OOCeydxONOnYRZWfL0SnL2Gnvnd3wIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEB
AFlolzJbcviWcdZUv+PJ7G8cAqFAxa8a3W2a0Y1U0BaMrpDfuOHpQgOtO62rr+i+
hkrIReuk7Isyl6GoZkX17KhQ1Vo9aW8a8Ur7+0RGDbxRlK9jJWnvSFn6cMMqRSfA
DXpptxhqBFZJIZMc3pPX9Jqycuu8bxeIvUKeSMe3Jxcl1ZXEXX47FeRZxvd+WXF9
4Xu4KZXHdzb5tB6jPhzIaN0/3d92N/KhvCcnw3YC2fEGDkpOlZaoa7O72+aq5K3b
M1htFv9deAHqIHefV41iOrxUCIKIhdPIjvAm774lDHLzPpJVrshO/NpA74LEkny5
FMwKKx+6Jgx1HSWucn5kWek=
-----END CERTIFICATE REQUEST-----
key_algorithmstring

The CSR's key's algorithm.

Note:

We added this return in cPanel & WHM version 92.

  • rsaEncryption — RSA.
  • id-ecPublicKey — ECDSA.
rsaEncryption
ecdsa_curve_namestring

The ECDSA curve that the CSR's key uses.

Note:

We added this return in cPanel & WHM version 92.

  • prime256v1
  • secp384r1
  • null — The certificate's key is not an ECDSA key.
prime256v1
ecdsa_publicstring

The CSR's key's ECDSA compressed public point, in hexadecimal format.

Note:

We added this return in cPanel & WHM version 92.

  • A valid string.
  • null — The certificate's key is not an ECDSA key.

02a2cb73408a5833ffbe6eedac9227b9985c54a94990cc4a13ea2a57f3bdecada1