| domain | The domain you are requesting resources for. Wildcard domain is permitted. |
|---|---|
| secret | Secret to domain. Must match existing secret or can be anything if domain is new |
| type | What to retrieve. Either crt, key, pkcs12 or ocsp |
| addmaindomain | Optional. When requesting certificate for a subdomain subdomain.example.com, also include the parent domain example.com |
Returned data is in PEM format for crt and key, and binary for PKCS12 and OCSP
It is possible to ommit secret if instead using HTTP authentication. The user must have access to the domain in domain admin