API Reference

📝 Complete API Documentation Available
For the full HTTP API reference with all endpoints, authentication, and error codes, see:

→ Complete HTTP API Reference

Quick Reference

Base URL

https://cjj365.cc

Authentication

All API requests require authentication via session cookie:

# 1. Login
curl -X POST https://cjj365.cc/auth/general \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com","password":"password"}' \
  -c cookies.txt

# 2. Use session cookie for subsequent requests
curl -X GET https://cjj365.cc/apiv1/users/1/certificates \
  -b cookies.txt

Core Resources

Certificates

• GET /apiv1/users/:user_id/certificates - List certificates
• POST /apiv1/users/:user_id/certificates - Issue new certificate
• GET /apiv1/users/:user_id/certificates/:cert_id - Get certificate details
• POST /apiv1/users/:user_id/certificates/:cert_id/renew - Renew certificate
• GET /apiv1/users/:user_id/certificates/:cert_id/export - Export certificate bundle
• DELETE /apiv1/users/:user_id/certificates/:cert_id - Delete certificate

Devices

• GET /apiv1/users/:user_id/devices - List devices
• POST /apiv1/users/:user_id/devices - Register device
• GET /apiv1/users/:user_id/devices/:device_id - Get device details
• POST /apiv1/users/:user_id/certificates/:cert_id/assign - Assign cert to device
• DELETE /apiv1/users/:user_id/devices/:device_id - Delete device

ACME Accounts

• GET /apiv1/users/:user_id/acme-accounts - List ACME accounts
• POST /apiv1/users/:user_id/acme-accounts - Register ACME account
• GET /apiv1/users/:user_id/acme-accounts/:acct_id - Get account details

API Keys

• GET /apiv1/users/:user_id/apikeys - List API keys
• GET /apiv1/users/:user_id/apikeys/:apikey_id - Get key metadata
• POST /apiv1/users/:user_id/apikeys - Create new API key (returns one-time token)
• DELETE /apiv1/users/:user_id/apikeys/:apikey_id - Delete an API key

Response Format

Success Response

{
  "data": {
    "id": 1001,
    "domain": "example.com",
    "status": "active"
  }
}

Error Response

{
  "error": {
    "code": 4001,
    "what": "Certificate not found"
  }
}

Common Error Codes

Code	Meaning
4001	Resource not found
4003	Forbidden (insufficient permissions)
4009	Conflict (duplicate resource)
5000	Internal server error
5001	Database error
5002	External service error (CA, DNS)

Rate Limits

• Authentication: 10 requests/minute per IP
• Certificate Issuance: 5 requests/hour per user
• General API: 100 requests/minute per user

Pagination

List endpoints support cursor-based pagination:

GET /apiv1/users/1/certificates?limit=20&cursor=eyJpZCI6MTAwMH0=

Response includes next cursor:

{
  "data": [...],
  "pagination": {
    "cursor": "eyJpZCI6MTAyMH0=",
    "has_more": true
  }
}

Webhooks (Future)

Coming soon: Webhook notifications for certificate events

Planned events:

• certificate.issued
• certificate.renewed
• certificate.expiring
• certificate.deployed

SDK and Tools

Official Clients

• Python: pip install cert-ctrl-client (coming soon)
• Go: go get github.com/jianglibo/cert-ctrl-go (coming soon)
• Node.js: npm install cert-ctrl-client (coming soon)

Community Tools

• CLI Tool: certtool (included in main repository)
• Terraform Provider: terraform-provider-certctrl (community)

Examples

Issue a Certificate

curl -X POST https://cjj365.cc/apiv1/users/1/certificates \
  -H "Content-Type: application/json" \
  -b cookies.txt \
  -d '{
    "domain": "example.com",
    "sans": ["www.example.com", "api.example.com"],
    "acme_account_id": 1,
    "dns_provider_id": 1,
    "key_type": "ecdsa",
    "auto_renew": true
  }'

Register a Device

curl -X POST https://cjj365.cc/apiv1/users/1/devices \
  -H "Content-Type: application/json" \
  -b cookies.txt \
  -d '{
    "name": "web-server-01",
    "description": "Production web server",
    "device_type": "nginx"
  }'

Export Certificate for Agentless Deployment

curl -X GET https://cjj365.cc/apiv1/users/1/certificates/1001/export \
  -b cookies.txt \
  > cert_bundle.json

# Extract certificate and key
jq -r '.data.cert' cert_bundle.json > cert.pem
jq -r '.data.privkey' cert_bundle.json | base64 -d > key.pem

OpenAPI Specification

📄 OpenAPI 3.0 spec coming soon

A machine-readable OpenAPI specification will be available at: https://cjj365.cc/openapi.json

Related Documentation

• Introduction - Overview and getting started
• Installation - Deploy the server
• Private Key Policy - Security models

Support

• 📖 Full API Documentation
• 🐛 Report API Issues
• 💬 API Questions