Skip to content

Update a certificate

PATCH
/api/organizations/{organizationId}/certificates/{id}

Updates a certificate. Supplying new certificateData and privateKeyData on an auto_managed certificate implicitly switches it to custom; the content is parsed and verified and returns 422 on invalid or expired data. Hostname mappings referencing the certificate are updated to reflect the change.

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Parameters

Path Parameters

organizationId*

Organization identifier

Type
string
Required
id*

certificate identifier

Type
string
Required

Request Body

application/merge-patch+json
JSON
{
  
"type": "auto_managed",
  
"certificateData": "-----BEGIN CERTIFICATE----- MIIC...snip...IDAQAB -----END CERTIFICATE-----",
  
"privateKeyData": "-----BEGIN PRIVATE KEY----- MIIE...snip...QIDAQ -----END PRIVATE KEY-----",
  
"chainData": "-----BEGIN CERTIFICATE----- MIID...snip...b3RQ -----END CERTIFICATE-----"
}

Responses

certificate resource updated

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "9f8b7c6d-5e4f-4a3b-8c2d-1e0f9a8b7c6d",
  
"domainName": "example.com",
  
"type": "auto_managed",
  
"status": "active",
  
"certificateData": "-----BEGIN CERTIFICATE----- MIIC...snip...IDAQAB -----END CERTIFICATE-----",
  
"privateKeyData": "-----BEGIN PRIVATE KEY----- MIIE...snip...QIDAQ -----END PRIVATE KEY-----",
  
"chainData": "-----BEGIN CERTIFICATE----- MIID...snip...b3RQ -----END CERTIFICATE-----",
  
"expiresAt": "2026-09-30T12:00:00+00:00",
  
"issuer": "Let's Encrypt",
  
"fingerprint": "sha256:3b:0a:1f:...:9c:2d",
  
"sans": [
  
  
{
  
  
  
"@context": "string",
  
  
  
"@id": "string",
  
  
  
"@type": "string",
  
  
  
"id": "9d1e8a4c-6b2f-4d3e-8a1b-2c3d4e5f6a7b",
  
  
  
"name": "www.example.com",
  
  
  
"dnsStatus": "valid",
  
  
  
"sslStatus": "covered"
  
  
}
  
],
  
"lastAttempt": {
  
  
"@context": "string",
  
  
"@id": "string",
  
  
"@type": "string",
  
  
"id": "9f1c2d3e-4b5a-6789-abcd-ef0123456789",
  
  
"type": "acme_renew",
  
  
"status": "succeeded",
  
  
"startedAt": "2026-07-01T09:15:00+00:00",
  
  
"finishedAt": "2026-07-01T09:16:42+00:00"
  
},
  
"createdAt": "2026-07-01T09:15:00+00:00",
  
"updatedAt": "2026-07-01T09:20:00+00:00",
  
"organizationId": 42,
  
"attemptCount": 3
}

Playground

Authorization
Variables
Key
Value
Body

Samples

Powered by VitePress OpenAPI