Certificate monitoring via API with KeyChest

Some of you already use our KeyChest and its free cloud web service. If you’d rather have something you can call from a command line, you can check its new RESTful API.

We have now added a simple RESTful API for integration into scripts. You can do a new client registration via the API so the deployment can be fully automated.

While running LE clients hooked to cron / scheduler is a good enough solution for many of our servers, it makes sense to add a separate monitoring process so we don’t depend on just one piece of software.

Examples using curl

Step 1: get an API key

curl https://keychest.net/api/v1.0/access/claim/me@myemail.com

If you are familiar with jq, you can retrieve the new API key with the following command:

curl -s https://keychest.net/api/v1.0/access/claim/me@myemail.com | jq -r '.api_key'

There is also a POST version of the registration, where you can generate the API key yourself.

Step 2: register for monitoring

curl -s -X POST -H "Content-Type: application/json" -d '{"api_key":"api-key-from-step-1", "domain":"fish.enigmabridge.com" }' https://keychest.net/api/v1.0/servers/add

Step 3: check expiration

curl -s https://keychest.net/api/v1.0/servers/expiration/fish.enigmabridge.com?api_key=<api-key-from-step-1>

The results of the expiration check look like this:

    "domain": "fish.enigmabridge.com",
    "results": [
            "ip": "2001:41c9:1:41d::131",
            "certificate_found": false,
            "certificate_sha256": null,
            "renewal_due": null,
            "expired": null,
            "renewal_utc": null,
            "last_scan_utc": 1509094412
            "ip": "",
            "certificate_found": true,
            "certificate_sha256": "1aa7cda60ba61810321bedc4793fadc80f7ca6a3e328d484b0d5eb8a9ef230de",
            "renewal_due": true,
            "expired": false,
            "renewal_utc": 1510216500,
            "last_scan_utc": 1509099907
    "status": "success"

There is more detailed documentation available in your KeyChest account (you have to log on), as well as here:


Any comments, request, pls fire away.


most excellent step forward!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.