Certificates

Certificates allow you to secure your projects with SSL/TLS encryption. Depfloy uses Let's Encrypt to automatically provision and manage SSL certificates for your domains. On this page, we will dive into the different certificate endpoints you can use to manage SSL certificates programmatically.

Certificate operations

SSL certificates are automatically provisioned when you enable SSL for a project. The certificate endpoints allow you to manually trigger certificate creation or removal.

POST/api/v1/certificates

Create a certificate

This endpoint allows you to request a new SSL certificate for a project. The certificate is automatically provisioned using Let's Encrypt and configured in Nginx.

Required attributes

  • Name
    project_id
    Type
    integer
    Description

    The ID of the project to create the certificate for.

  • Name
    domain_id
    Type
    integer
    Description

    The ID of the primary domain to request the certificate for. You can fetch the domains from the /api/v1/domains endpoint.

Request

POST
/api/v1/certificates
curl https://app.depfloy.com/api/v1/certificates \
  -H "Authorization: Bearer {API_KEY}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
    "project_id": 16532,
    "domain_id": 136526
  }'

Response

{
  "status": "success",
  "message": "SSL certificate requested successfully",
  "data": {
    "ssl_response": {
      "ok": true,
      "system_output": [
        "[ssl] : Requesting a certificate for example.com",
        "[ssl] : Successfully received certificate.",
        "[ssl] : Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem",
        "[ssl] : Key is saved at: /etc/letsencrypt/live/example.com/privkey.pem",
        "[ssl] : This certificate expires on 2025-04-15.",
        "[ssl] : Deploying certificate",
        "[ssl] : Successfully deployed certificate for example.com",
        "[ssl] : Congratulations! You have successfully enabled HTTPS on https://example.com"
      ]
    },
    "nginx_response": {
      "ok": true,
      "system_output": [
        "[nginx] : nginx: the configuration file /etc/nginx/nginx.conf syntax is ok",
        "[nginx] : nginx: configuration file /etc/nginx/nginx.conf test is successful"
        ]
      },
    }
  }
}
GET/api/v1/projects/:projectId/certificates

List certificates

This endpoint allows you to list all SSL certificates for a project by its ID.

Request

GET
/api/v1/projects/16532/certificates
curl https://app.depfloy.com/api/v1/projects/16532/certificates \
  -H "Authorization: Bearer {API_KEY}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json"

Response

  [
    {
      "id": 136526,
      "project_id": 16532,
      "domain_id": 136526,
      "cert_name": "example.com",
      "cert_path": "/etc/letsencrypt/live/example.com/fullchain.pem",
      "cert_key_path": "/etc/letsencrypt/live/example.com/privkey.pem",
      "status": 1,
      "expires_at": "2025-04-15"
    },
    // ... more certificates
  ]
GET/api/v1/projects/:projectId/certificates/:certificateId

Retrieve a certificate

This endpoint allows you to retrieve an SSL certificate for a project by its ID.

Request

GET
/api/v1/projects/16532/certificates/136526
curl https://app.depfloy.com/api/v1/projects/16532/certificates/136526 \
  -H "Authorization: Bearer {API_KEY}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json"

Response

{
  "id": 136526,
  "project_id": 16532,
  "domain_id": 136526,
  "cert_name": "example.com",
  "cert_path": "/etc/letsencrypt/live/example.com/fullchain.pem",
  "cert_key_path": "/etc/letsencrypt/live/example.com/privkey.pem",
  "status": 1,
  "expires_at": "2025-04-15"
}
POST/api/v1/projects/:projectId/certificates/:certificateId/renew

Renew a certificate

This endpoint allows you to renew an SSL certificate for a project by its ID.

Request

POST
/api/v1/projects/16532/certificates/136526/renew
curl https://app.depfloy.com/api/v1/projects/16532/certificates/136526/renew \
  -H "Authorization: Bearer {API_KEY}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json"

Response

{
  "status": "success",
  "message": "SSL certificate renewed successfully",
  "data": {
    "nginx_response": {
      "ok": true,
      "system_output": [
        "[nginx] : nginx: the configuration file /etc/nginx/nginx.conf syntax is ok",
        "[nginx] : nginx: configuration file /etc/nginx/nginx.conf test is successful"
      ]
    }
  }
}
DELETE/api/v1/certificates/:projectId

Delete a certificate

This endpoint allows you to delete an SSL certificate from a project. This will remove the certificate and revert the project to HTTP.

Request

DELETE
/api/v1/certificates/14532
curl -X DELETE https://app.depfloy.com/api/v1/certificates/14532 \
  -H "Authorization: Bearer {API_KEY}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json"

Response

{
  "status": "success",
  "message": "SSL certificate deleted successfully",
  "data": {
    "nginx_response": {
      "ok": true,
      "system_output": [
        "[nginx] : nginx: the configuration file /etc/nginx/nginx.conf syntax is ok",
        "[nginx] : nginx: configuration file /etc/nginx/nginx.conf test is successful"
      ]
    }
  }
}

Was this page helpful?