Web Service (API)

The CheckTLS Application Programming Interface (API) makes select CheckTLS.com tests and tools available as web services.

What is a Web Service?

According to W3C:
A web service is a software system designed to support interoperable machine-to-machine interaction over a network.

Web services are only available to Corporate Subscribers and require CUSTOMERCODE and CUSTOMERPASS parameters on every use. Protect these credentials in the programming you use to call our web services! If you embed them in a web page, anyone can right click and view source to steal your corporate password.

CheckTLS web services are available for testing and proof-of-concept without a subscription. Without a subscription, any CUSTOMERCODE and CUSTOMERPASS will work but testing is limited to the single address "test@checkts.com".

Why Use a Web Service?

You can run our tests on your data directly from your computer systems without any human interaction, without a browser and without a keyboard or screen. You can use our feature functionality into your own email systems, data processing, data analytics, mobile apps, etc. You can put your own skin on CheckTLS and embed it in your intranet, web pages, mashups, blogs, etc. In other words, you can use CheckTLS as if you had our computer code in your systems.

Our services are simple enough that we have not formalized them with SOAP, WSDL, or UDDI, nor do we offer an orthogonal REST-ful interface. CheckTLS web services are simple POSTs to URLs that return results in XML.

Here is a very simple example of what can be done with our web service: Proof Of Concept.

How Do You Use a Web Service?

A CheckTLS web service provides XML data to a data requestor (you) as a result of an HTTP POST. The URL of the POST determines what test is being requested, and the FIELDS in the POST provide the input(s) to the test.

You can trial CheckTLS web services for free. While you need a Corporate Subscription to use our web services in production, you can target the domain "checktls.com" with any CUSTOMERCODE and CUSTOMERPASS (examples below).

Instructions for how to program your computer systems to communicate with a web service is beyond the scope of this documentation. The examples below demonstrate how to turn a URL for our most popular //email/testTo: into a web service and extract certain fields.

URL
https://www.CheckTLS.com/TestReceiver ?CUSTOMERCODE=me@mydomain.com &CUSTOMERPASS=IllNeverTell &EMAIL=test@CheckTLS.com &LEVEL=XML_DETAIL
 
Output
<CheckTLS test="TestReceiver"> <eMailAddress>checktls.com</eMailAddress> <ConfidenceFactor>100</ConfidenceFactor> <OutputFormat>XML_Detail</OutputFormat> <MXConfidenceFactor>90</MXConfidenceFactor> <Answer>100</Answer> <Connect>100</Connect> <HELO>100</HELO> <TLS>100</TLS> <Cert>100</Cert> <Secure>100</Secure> <From>100</From> <MXCount>1</MXCount> <MXAddrCount>1</MXAddrCount> <MX exchange="mail6.checktls.com[159.89.187.50:25]" name="mail6.checktls.com" address="159.89.187.50" port="25" preference="20"> <Answer>0.000684</Answer> <Connect>0.119217</Connect> <HELO>0.119677</HELO> <TLS>0.12012</TLS> <Cert>0.328317</Cert> <Secure>0.330249</Secure> <From>0.3502</From> <MXStep name="From">6</MXStep> <SSL> <SSLVersion>TLSv1_3</SSLVersion> <Cipher>TLS_AES_256_GCM_SHA384</Cipher> <SSLDeprecated>0</SSLDeprecated> </SSL> </MX> </CheckTLS>
 

The examples below all produce this same output:

Output
Target = test@CheckTLS.com Score = 100 MX count = 1 MX = mail4.checktls.com[10.18.112.126] MX SSL Version = TLSv1.2
 

Program source code:

PowerShell
$Uri = 'https://www.checktls.com/TestReceiver' $Body = @{ CUSTOMERCODE='me@mydomain.com' CUSTOMERPASS='IllNeverTell' EMAIL='test@checktls.com' LEVEL='XML_CERTDETAIL' } Try { [xml]$response = Invoke-RestMethod -Uri $Uri -Method Post -Body $Body -ContentType 'application/x-www-form-urlencoded' -ErrorAction Stop } Catch { Write-Warning "ERROR: Could not fetch CheckTLS result, error: $_" } 'Score = ' + $response.CheckTLS.ConfidenceFactor 'MX count = ' + @($response.CheckTLS.MX).Count Foreach( $mx in $response.CheckTLS.MX ) { 'MX = ' + $mx.exchange 'MX SSL Version = ' + $mx.SSL.SSLVersion } 'MX1.Cert1.Subject.commonName = ' + @(@($response.CheckTLS.MX)[0].SSL.Certs.Cert)[0].Subject.commonName function WriteXmlToScreen ([xml]$xml) { $StringWriter = New-Object System.IO.StringWriter; $XmlWriter = New-Object System.Xml.XmlTextWriter $StringWriter; $XMLWriter.Formatting = "indented"; $xml.WriteTo($XmlWriter); $XmlWriter.Flush(); $StringWriter.Flush(); Write-Output $StringWriter.ToString(); } #WriteXmlToScreen $response
 
Perl
#!/usr/bin/perl -w use strict; use LWP::UserAgent; use HTTP::Request::Common; use XML::XPath; my $ua = LWP::UserAgent->new; my $request = POST( 'https://www.checktls.com/TestReceiver', [ CUSTOMERCODE => 'me@mydomain.com', CUSTOMERPASS => 'IllNeverTell', EMAIL => 'test@CheckTLS.com', LEVEL => 'XML_DETAIL', ] ); my $response = $ua->request($request); unless( $response->is_success) { print $response->status_line; } my $XML = $response->content(); my $xp = XML::XPath->new(xml => $XML); print 'Target = ' . $xp->find('/CheckTLS/eMailAddress') . "\n"; print 'Score = ' . $xp->find('/CheckTLS/ConfidenceFactor') . "\n"; my $nodeset = $xp->findnodes('/CheckTLS/MX'); print 'MX Count = ' . $nodeset->get_nodelist() . "\n"; foreach my $mx ($nodeset->get_nodelist()) { print 'MX = ' . $mx->find('@exchange') . "\n"; print 'MX SSL Version = ' . $mx->find('SSL/SSLVersion') . "\n"; } print 'MX1.Cert1.Subject.commonName = ' . $xp->find('/CheckTLS/MX[1]/SSL/Certs/Cert[1]/Subject/commonName') . "\n";
 
C#
using System; using System.IO; using System.Net; using System.Text; using System.Web; using System.Xml; namespace CheckTLS { class WebService { static void Main() { HttpWebRequest request = (HttpWebRequest)WebRequest.Create( "https://www.checktls.com/TestReceiver" + "?CUSTOMERCODE=" + WebUtility.UrlEncode("me@mydomain.com") + "&CUSTOMERPASS=" + WebUtility.UrlEncode("IllNeverTell") + "&EMAIL=" + WebUtility.UrlEncode("test@CheckTLS.com") + "&LEVEL=" + "XML_DETAIL" ); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); if (response.StatusCode != HttpStatusCode.OK) Console.WriteLine("CheckTLS on test@CheckTLS.com" + Environment.NewLine + response.StatusCode + ": " + response.StatusDescription); StreamReader streamreader = new StreamReader(response.GetResponseStream()); String responseString = streamreader.ReadToEnd(); response.Close(); streamreader.Close(); XmlDocument xmlDoc = new XmlDocument(); xmlDoc.LoadXml(responseString); XmlNode xmlNode; xmlNode = xmlDoc.SelectSingleNode("/CheckTLS/eMailAddress"); Console.WriteLine("Target = " + xmlNode.InnerText); xmlNode = xmlDoc.SelectSingleNode("//ConfidenceFactor"); Console.WriteLine("Score = " + xmlNode.InnerText); } } }
 
Java
import javax.xml.parsers.*; import javax.xml.xpath.*; import org.w3c.dom.*; import java.io.*; import java.net.*; import java.util.*; public class webservice { public static void main(String[] args) throws Exception { URL url = new URL("https://www.CheckTLS.com/TestReceiver"); Map<String,Object> params = new LinkedHashMap<>(); params.put("CUSTOMERCODE","me@mydomain.com"); params.put("CUSTOMERPASS","IllNeverTell"); params.put("EMAIL","test@CheckTLS.com"); params.put("LEVEL","XML_DETAIL"); StringBuilder postData = new StringBuilder(); for (Map.Entry<String,Object> param : params.entrySet()) { if (postData.length() != 0) postData.append('&'); postData.append(URLEncoder.encode(param.getKey(),"UTF-8")); postData.append('='); postData.append(URLEncoder.encode(String.valueOf(param.getValue()),"UTF-8")); } byte[] postDataBytes = postData.toString().getBytes("UTF-8"); HttpURLConnection connection = (HttpURLConnection)url.openConnection(); connection.setRequestMethod("POST"); connection.setRequestProperty("Content-Type","application/x-www-form-urlencoded"); connection.setRequestProperty("Content-Length",String.valueOf(postDataBytes.length)); connection.setDoOutput(true); connection.getOutputStream().write(postDataBytes);; InputStream ins = connection.getInputStream(); DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); DocumentBuilder dBuilder; dBuilder = dbFactory.newDocumentBuilder(); Document doc = dBuilder.parse(ins); XPathFactory xpFactory = XPathFactory.newInstance(); XPath xp = xpFactory.newXPath(); System.out.println("Target = " + xp.evaluate("/CheckTLS/eMailAddress", doc, XPathConstants.STRING)); System.out.println("Score = " + xp.evaluate("/CheckTLS/ConfidenceFactor", doc, XPathConstants.STRING)); NodeList nList = (NodeList)xp.evaluate("/CheckTLS/MX", doc, XPathConstants.NODESET); System.out.println("MX count = " + nList.getLength()); for (int n=0; n<nList.getLength(); n++) { Element eMX = (Element) nList.item(n); System.out.println("MX = " + eMX.getAttribute("exchange")); Element eSSL = (Element) eMX.getElementsByTagName("SSL").item(0); System.out.println("MX SSL Version = " + eSSL.getElementsByTagName("SSLVersion").item(0).getTextContent()); } System.exit( 0 ); } }

 

What Tests are Available as Web Services?

Behind the scenes, every CheckTLS webpage is available as POST to a URL. However some are not appropriate as web services (e.g. Login), and some do not yet have the option to return results as XML. Those web pages that are available as web services are documented below. We are adding XML output to more and more of our webpages, so if a test is not listed below, check back later or Contact Us to request we add it.

//email/testTo: (Receiver)

URL
https://www.CheckTLS.com/TestReceiver
required
content
CUSTOMERCODE
your CheckTLS Customer Code
CUSTOMERPASS
your CheckTLS Customer Password
parameter
web page prompt
EMAIL
eMail Address
LEVEL
Output Format (must be one of XML_*)
QUICK
Quick Test
IGNORENOCONNECT
Ignore No Connects
PROGRESS
Show Test in Real Time
SMTPDetail
SMTP Detail XML
HOST
MX Host
PORT
MX Port
IPV4
IPv4
IPV6
IPv6
MXCOUNT
MX Count
STOPAFTER
Stop After
DIRECTTLS
Direct TLS
COMPELTLS
Compel TLS
RELAXWC
Relax "*" match
CHECKCRL
Check CRL
CHECKOCSP
Check OCSP
SSLVERSION
SSL Version
CIPHERLIST
SSL Cipher List
XSLURL
XSL URL
XSL
XSL to Run
SMTPAUTH
SMTP AUTH Type
AUTHUSER
AUTH User
AUTHPASS
AUTH Pass
TIMEOUT
SMTP TimeOut
CACERTS
CA Certs
CLIENTCERT
Client Cert
CLIENTKEY
Client Key
RCPTTO
Include RCPT TO
SENDEMAIL
Send Email

//email/testMandatoryTo: (ReceiverAssureTLS)

URL
https://www.CheckTLS.com/TestReceiver
required
content
CUSTOMERCODE
your CheckTLS Customer Code
CUSTOMERPASS
your CheckTLS Customer Password
KEYWORDS
ASSURETLS
parameter
web page prompt

These are the same as with //email/testTo: above.

//email/testFrom: (Sender)

//email/testMandatoryFrom: (SenderAssureTLS)

As both Sender tests are executed in response to an email you send, there is no web service necessary. To automate a Sender test, just have your system automatically generate the Sender test email.

//email/uploadSavedTest (BatchUpload)

The BatchUpload web service can perform four operations:

  • update stored BatchTests
  • run stored BatchTests
  • update and run stored BatchTests (at once)
  • run an ad-hoc BatchTest (one-time, not saved)

See Batch Testing and this program's documentation for specifics.

URL
https://www.CheckTLS.com/BatchUpLoad
required
content
CUSTOMERCODE
your CheckTLS Customer Code
CUSTOMERPASS
your CheckTLS Customer Password
parameter
web page prompt
BATCHID
Batch Id
RUNNOW
Y/N
XML
XML
These parameters are only available if Batch Id is "new":
DESCRIPTION
Description
DAYOFMONTH
Day of Month
DAYOFWEEK
Day of Week
HOUROFDAY
Hour of Day
MINUTEOFHOUR
Minute of Hour

//email/monitor

The Monitor web service can perform three operations:

  • show how to use Monitor
  • show the output of a Monitor call
  • show the URL "code" to make a Monitor call

See About Monitoring and this program's documentation for specifics.

URL
https://www.CheckTLS.com/Monitor
required
content
CUSTOMERCODE
your CheckTLS Customer Code
CUSTOMERPASS
your CheckTLS Customer Password
parameter
web page prompt
BATCHID
Batch Id
MODE
Monitor Mode
These parameters are only available if Monitor Mode is "check":
AGE
Check Age
TOTAL
Minimum Total
FORMAT
"FORMAT" Format
RESULTS
Show Results