Service: zimbraAdmin
Namespace: "urn:zimbraAdmin"
GetCert SOAP Command

Get Certificate
Currently, GetCertRequest/Response only handle 2 types "staged" and "all". May need to support other options in the future

Authorization token required true
Admin Authorization token required true

GetCertRequest

    <GetCertRequest server="{server-id}" type="..." [option="..."] /> ## GetCertRequest

The following table describes elements and attributes you can define within a <GetCertRequest> element:

XPath Required / Optional Description
@server Required (only 1) Type:String
The server's ID whose cert is to be got
@type Required (only 1) Type:String
Certificate type
staged - view the staged crt
other options (all, mta, ldap, mailboxd, proxy) are used to view the deployed crt
@option Optional (0 or 1) Type:String
Required only when type is "staged".
Could be "self" (self-signed cert) or "comm" (commerical cert)

GetCertResponse

    <GetCertResponse> ## GetCertResponse
        (<cert server="{server-name}" type="{type}"> ## CertInfo
            <subject>{subject} (String)</subject>
            <issuer>{issuer} (String)</issuer>
            <notBefore>{notBefore} (String)</notBefore>
            <notAfter>{notAfter} (String)</notAfter>
            <SubjectAltName>{SubjectAltName} (String)</SubjectAltName>
          </cert>)*
    </GetCertResponse>

The following table describes elements and attributes you can define within a <GetCertResponse> element:

XPath Required / Optional Description
/cert Optional (0 or more) Certificate information
/cert@server Required (only 1) Type:String
Server name
/cert@type Required (only 1) Type:String
type - 1 of mta|ldap|mailboxd|proxy|staged
/cert/subject Optional (0 or 1) Type:{subject} (String)
C, ST, L, O, OU, CN of current cert
/cert/issuer Optional (0 or 1) Type:{issuer} (String)
C, ST, L, O, OU, CN of issuer cert
/cert/notBefore Optional (0 or 1) Type:{notBefore} (String)
Certificate validation start time
/cert/notAfter Optional (0 or 1) Type:{notAfter} (String)
Certificate validation end time
/cert/SubjectAltName Optional (0 or 1) Type:{SubjectAltName} (String)
Current cert's subject alternative name (as x509v3 Extension)