Logo
Logo

PRODUCTS

TOOLS

PricingDocsResources

Instantly ValidateAny Website’s SSLwith OurLive SSL Certificate Lookup API

Quickly verify any website’s SSL certificate, expiration, and authenticity in real time using SSL Lookup API.

Contact Sales
Get Started
More Details
1[
2  {
3    "domainName": "whoisfreaks.com",
4    "queryTime": "2024-10-04 07:17:04",
5    "sslCertificates": [
6      {
7        "chainOrder": "end-user",
8        "authenticationType": "domain",
9        "validityStartDate": "2024-09-7 23:03:18 UTC",
10        "validityEndDate": "2024-12-6 23:03:17 UTC",
11        "serialNumber": "04:8e:90:ab:b3:ec:32:10:1e:de:83:4a:e8:9c:3c:e7:1e:a7",
12        "signatureAlgorithm": "ECDSA-SHA2384",
13        "subject": {
14          "commonName": "whoisfreaks.com"
15        },
16        "issuer": {
17          "commonName": "E6",
18          "organization": "Let's Encrypt",
19          "country": "US"
20        },
21        "publicKey": {
22          "keySize": "256 bit",
23          "keyAlgorithm": "ECDSA"
24        },
25        "extensions": {
26          "authorityKeyIdentifier": "93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2",
27          "subjectKeyIdentifier": "95:B1:F8:43:43:1B:A9:D9:A0:73:E6:F7:BF:FB:34:D8:DE:69:CC:39",
28          "keyUsages": [
29            "Digital Signature"
30          ],
31          "extendedKeyUsages": [
32            "TLS Web Server Authentication",
33            "TLS Web Client Authentication"
34          ],
35          "authorityInfoAccess": {
36            "issuers": [
37              "http://e6.i.lencr.org/"
38            ],
39            "ocsp": [
40              "http://e6.o.lencr.org"
41            ]
42          },
43          "subjectAlternativeNames": {
44            "dnsNames": [
45              "www.whoisfreaks.com",
46              "whoisfreaks.com"
47            ]
48          },
49          "certificatePolicies": [
50            {
51              "policyId": "2.23.140.1.2.1"
52            }
53          ]
54        }
55      },
56      {
57        "chainOrder": "intermediate",
58        "authenticationType": "organization",
59        "validityStartDate": "2024-03-13 00:00:00 UTC",
60        "validityEndDate": "2027-03-12 23:59:59 UTC",
61        "serialNumber": "b0:57:3e:91:73:97:27:70:db:b4:87:cb:3a:45:2b:38",
62        "signatureAlgorithm": "SHA256-RSA",
63        "subject": {
64          "commonName": "E6",
65          "organization": "Let's Encrypt",
66          "country": "US"
67        },
68        "issuer": {
69          "commonName": "ISRG Root X1",
70          "organization": "Internet Security Research Group",
71          "country": "US"
72        },
73        "publicKey": {
74          "keySize": "384 bit",
75          "keyAlgorithm": "ECDSA"
76        },
77        "extensions": {
78          "authorityKeyIdentifier": "79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E",
79          "subjectKeyIdentifier": "93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2",
80          "keyUsages": [
81            "CRL Sign",
82            "Digital Signature",
83            "Certificate Sign"
84          ],
85          "extendedKeyUsages": [
86            "TLS Web Server Authentication",
87            "TLS Web Client Authentication"
88          ],
89          "authorityInfoAccess": {
90            "issuers": [
91              "http://x1.i.lencr.org/"
92            ]
93          },
94          "certificatePolicies": [
95            {
96              "policyId": "2.23.140.1.2.1"
97            }
98          ]
99        }
100      },
101      {
102        "chainOrder": "root",
103        "authenticationType": "self-signed-ca",
104        "validityStartDate": "2015-06-4 11:04:38 UTC",
105        "validityEndDate": "2035-06-4 11:04:38 UTC",
106        "serialNumber": "82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00",
107        "signatureAlgorithm": "SHA256-RSA",
108        "subject": {
109          "commonName": "ISRG Root X1",
110          "organization": "Internet Security Research Group",
111          "country": "US"
112        },
113        "issuer": {
114          "commonName": "ISRG Root X1",
115          "organization": "Internet Security Research Group",
116          "country": "US"
117        },
118        "publicKey": {
119          "keySize": "4096 bit",
120          "keyAlgorithm": "RSA"
121        },
122        "extensions": {
123          "subjectKeyIdentifier": "79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E",
124          "keyUsages": [
125            "CRL Sign",
126            "Certificate Sign"
127          ]
128        }
129      }
130    ]
131  }
132]
pricing backgroundEclipse Top RightEclipse Top LeftEclipse WHOIS Stats
1528+
TLDs
690M+
Active Domains
877M+
Domains Tracked
3554M+
WHOIS Records
4931M+
Host Names
13B+
DNS Records

Product

SSL CertificateAPI
Ensure your website’s authenticity and security by checking SSL certificate details, expiration, and encryption status with our Live Lookup API.
SSL Certificate Lookup API

SSL certificate lookup API allows you to fetch live streaming Secure Sockets Layer (SSL) certificate along with its complete SSL cert chain to provide up-to-date and consistent data.

Explore More
Documentation
monitoring

Features

What ourSSL Lookup APIProvide

Access comprehensive SSL certificate data with our API – validate, monitor, and ensure website security in real time.

Request a Quote
Contact Sales
Feature icon

Comprehensive Chain

Validates complete chain to ensure authenticity and strengthen website security.

Feature icon

Comprehensive data

Thoroughly parse SSL data and get server details like common name and certificate issuer.

Feature icon

SSL Expiry Monitoring

Monitor SSL certificate expiration dates effortlessly to ensure continuous website security.

Feature icon

Supported Formats

Easily retrieve SSL lookup data in JSON or XML, offering flexibility and seamless integration.

Use Cases

SSL Certificate Action

See how SSL Lookup API can be used for brand protection and typosquatting defense.

Feature icon

Trust Badge

This API allows you to know which domains are trustworthy and which are not in the chain for faster risk-based decisions.

Feature icon

Certificate Chain Monitoring

Monitor expiring SSL certificates and detect changes to prevent domain takeover before outages and security incidents occur.

Feature icon

3rd Party & Typosquatting Attacks

Check SSL certificate validation to identify self-signed certificates and prevent MITM or typosquatting attacks.

Feature icon

Real Time Data

Access well-parsed, real-time SSL certificate data in JSON or XML for seamless integration with third party applications.

Feature icon

Data Enrichment

SSL certificate chain lookup helps uncover inconsistencies that may indicate exploitable security vulnerabilities.

Feature icon

Compliance & Auditing

Monitor and validate SSL certificates to ensure compliance and generate audit-ready reports using SSL Lookup API.

Request demo background

Stay secure and informed by monitoring SSL certificates with real-time data. Track expirations, detect certificate changes, and support faster incident response.

Request Demo
pricing background

Documentation

APIs

Credit Usage
Live LookupHistorical LookupReverse LookupIP LookupASN LookupBulk Domain Lookup
Live LookupHistorical LookupReverse LookupBulk Domain Lookup
Availability LookupBulk Domain LookupDomain Discovery APIBulk Domain Discovery API
SSL Lookup APISubdomains Lookup API
Geolocation LookupBulk Geolocation Lookup
Security LookupBulk Security Lookup

Databases

With WhoisWith Cleaned WhoisWithout Whois (CSV)Without Whois (JSON)DNS
Expiring With WhoisExpiring Without WhoisExpiring With Cleaned WhoisDropped With WhoisDropped Without Whois (CSV)Dropped Without Whois (JSON)
Whois DatabaseDNS DatabaseSubdomain Database
IP to Country SnapshotsIP to Country Snapshot StatusIP to City SnapshotsIP to City Snapshot Status

Libraries

cURL
cURL
API
JavaScript
JavaScript
API
C#
C#
API
Swift
Swift
API
C++
C++
API
Java
Java
API
Ruby
Ruby
API
PHP
PHP
API
Node.js
Node.js
API

Third Party

Make
Make
MISP
MISP
MS Security Copilot
MS Security Copilot

SSL Live Lookup

The Live SSL Lookup API retrieves the real‑time SSL certificate of a domain and, when the chain parameter is set to true, also returns the complete certificate chain. Additionally, you can obtain the raw OpenSSL response by setting the sslRaw parameter to true.

Authorization

You can make authorized requests to our API by passing API key as a query parameter. To get your API key, login to our billing dashboard and get your API key! If your API key has been compromised, you can change it by clicking on reset button in billing dashboard.

Query Parameters

Required
  • apiKey
    Get your API key from our billing dashboard.
  • domainName
    The domainName for requested ssl data.
Optional
  • chain
    For getting the chain of all domain ssl certificates sorted from end-user to root. Default value is "false"
  • sslRaw
    For getting the raw openssl response of the domain. Default value is "false"
  • format
    Two formats are available JSON, XML. If you don't specify the 'format' parameter, the default format will be JSON.

Request

shellnodejsjavapythonphprubyjscsharpgocswiftjquery
SHELL
Loading request...

Response

Loading response...

Status Codes

Success Codes
  • 200Request is processed successfully.
Failure Codes
  • 400Please pass domain param correct value e.g. whoisfreaks.com, https://whoisfreaks.com, http://whoisfreaks.com
  • 401Provided API key is invalid.
  • 401Provided API key is inactive.
  • 401Please buy a subscription plan or add api credits, then use this api key.
  • 401Your subscription is deactivated. Please buy new plan or add api credits for using whoisfreaks APIs.
  • 401Your subscription is deactivated due to much time payment failure. Please buy a new plan or add api credits for using whoisfreaks APIs.
  • 401Your account is deactivated.
  • 401You are blocked due to suspicious activity.
  • 404No Ssl Certificate exists for this Domain
  • 412You have exceeded the limit of api plan requests and your subscription is canceled.
  • 413You have exceeded the limit of api credits requests [allowed_request_no]. Please upgrade your plan.
  • 413You have exceeded the limit of Surcharge Requests [allowed_surcharge_request_no]. Please upgrade your plan.
  • 429Please slow down. Your maximum request limit per minute is reached.
  • 500Internal Server error occurred.
  • 503Service is unavailable. Please try after some time.
  • 504Request is timed-out.
FAQs
Enhance your apps with industry leading web scraping and crawling.
What is the SSL certificate?
What is meant by SSL Certificate Chain?
Which TLDs are supported by your system?
Do you have notification service when API credits are near to an end?
Do you charge credit on 4xx error status codes in response?
What is the number of free API credits available for new users, and are these credits rate-limited?
What is meant by Live Lookup endpoint and how much data latency does it offer?
Do you have rate limiting on number of requests being made on your paid plans?
Do you provide any headers in API response regarding rate limiting?

Ready to get started?

Join now and claim 500 credits for free!

Elevate your cybersecurity strategy with our all-in-one domain and IP intelligence platform empowering analysts, researchers, and brand owners with real-time WHOIS, DNS, IP, and subdomain insights.

Sign Up For Free