SSL Certificate Chain API | WhoisXML API

SSL Certificate Chain API

Obtain a domain name’s Secure Sockets Layer (SSL) certificate and trace its complete SSL certificate chain to reveal potential inconsistencies and misconfigurations that may translate to exploitable vulnerabilities. A single SSL Certificate Chain API query provides details that can ease your security enrichment efforts, allowing you to know which domains are trustworthy and which are not.

Get started

100 free API credits. No credit card required.

Each SSL certificate chain API lookup lets users retrieve:

  • Audit Date

    When the SSL certificate and SSL certificate chain result was queried.

  • Domain Name

    The domain name the SSL certificates and the SSL certificate chain belong to.

  • IP Address

    The IP address resolution of the domain name.

  • Port Number

    The port number associated with the SSL connection.

  • SSL Certificate Chain Details

    All the available SSL certificates in the SSL certificate chain of the domain and their types—end-user, intermediate, or root.

  • SSL Certificate Data

    Includes each SSL certificate’s chain hierarchy, validation type, validity dates (from and to), serial number, signature algorithm, subject, issuer details, .pem file information, extension, and public key (Check out the complete output format for more details.).

Our SSL certificate chain API delivers complete and relevant data.

  • Up-to-date

    We provide access to the latest SSL certificate issued for every domain.

  • Consistent

    We parse the SSL certificate chain data thoroughly to give users information in a format that is easy to read and integrate.

  • Handy

    You can retrieve the results of SSL certificate chain API calls in JavaScript Object Notation (JSON) or Extensible Markup Language (XML) format.

Practical Usage

Monitor your SSL certificates and SSL certificate chain for signs of unauthorized changes that may signal a domain or subdomain takeover.

Know which domains can and can’t be trusted by diving deeper into their SSL certificate and SSL certificate chain details.

Check the SSL certificate validation type to detect self-signed certificates often used in man-in-the-middle (MitM) and typosquatting attacks.

Increase visibility into organizations’ attack surfaces to check for SSL certificates that are about to expire or already expired.

Keep up with SSL certificate and SSL certificate chain modifications as domains change hands often.

SSL Certificate Chain API | WhoisXML API

Get 100 free API credits. No credit card required.

Get started

Premium API Services

Our APIs are available in an enhanced version that offers better performance with a dedicated load balancer and a premium endpoint to enable faster throttling for large-scale API deployments.

Learn more

Enterprise API Packages

API access through WhoisXMLAPI can be purchased as an annual subscription. The access pricing is based on the number of queries, which is measured monthly with per-minute rate limits. The pricing structure gives predictability to business planning and solution architecture.

Learn more