You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A few endpoints to start with. All endpoints must follow CRUD methodology and return intelligible HTTP error codes.
POST /api/v1/scan?target=example.net
perform a full scan of target https://example.net
GET /api/v1/results?target=example.net
retrieve a JSON document from the database with the results for example.net. If nothing is found, return a 404.
GET /api/v1/certificate?target=example.net&raw=false
returns a JSON of the interpreted certificate of example.net (or a 404). If &raw=true is set, return the raw base64 as plain text (no json).
GET /api/v1/search?sha1=abcdef&show=child&limit=100&offset=300
This would be a more complex search API that would be extended in the future. In the example above, we're listing the children of a root or intermediate cert that has sha1 abcdef, only returning 100 results, and skipping the first 300, for pagination. That type of query would be used by the platform security team to list the certificates impacted by revoking a given intermediate cert, for example via OneCRL. (cc @mozmark).
Provide an API that can be queried and provide direct results to the caller.
The text was updated successfully, but these errors were encountered: