# ACM # Total TLS ## Total TLS Settings Details `client.ACM.TotalTLS.Get(ctx, query) (*TotalTLSGetResponse, error)` **get** `/zones/{zone_id}/acm/total_tls` Get Total TLS Settings for a Zone. ### Parameters - `query TotalTLSGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type TotalTLSGetResponse struct{…}` - `CertificateAuthority CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `const CertificateAuthorityGoogle CertificateAuthority = "google"` - `const CertificateAuthorityLetsEncrypt CertificateAuthority = "lets_encrypt"` - `const CertificateAuthoritySSLCom CertificateAuthority = "ssl_com"` - `Enabled bool` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `ValidityPeriod TotalTLSGetResponseValidityPeriod` The validity period in days for the certificates ordered via Total TLS. - `const TotalTLSGetResponseValidityPeriod90 TotalTLSGetResponseValidityPeriod = 90` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) totalTLS, err := client.ACM.TotalTLS.Get(context.TODO(), acm.TotalTLSGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", totalTLS.ValidityPeriod) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Enable or Disable Total TLS `client.ACM.TotalTLS.Update(ctx, params) (*TotalTLSUpdateResponse, error)` **post** `/zones/{zone_id}/acm/total_tls` Set Total TLS Settings or disable the feature for a Zone. ### Parameters - `params TotalTLSUpdateParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Enabled param.Field[bool]` Body param: If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `CertificateAuthority param.Field[CertificateAuthority]` Body param: The Certificate Authority that Total TLS certificates will be issued through. ### Returns - `type TotalTLSUpdateResponse struct{…}` - `CertificateAuthority CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `const CertificateAuthorityGoogle CertificateAuthority = "google"` - `const CertificateAuthorityLetsEncrypt CertificateAuthority = "lets_encrypt"` - `const CertificateAuthoritySSLCom CertificateAuthority = "ssl_com"` - `Enabled bool` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `ValidityPeriod TotalTLSUpdateResponseValidityPeriod` The validity period in days for the certificates ordered via Total TLS. - `const TotalTLSUpdateResponseValidityPeriod90 TotalTLSUpdateResponseValidityPeriod = 90` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) totalTLS, err := client.ACM.TotalTLS.Update(context.TODO(), acm.TotalTLSUpdateParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Enabled: cloudflare.F(true), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", totalTLS.ValidityPeriod) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Enable or Disable Total TLS `client.ACM.TotalTLS.Edit(ctx, params) (*TotalTLSEditResponse, error)` **post** `/zones/{zone_id}/acm/total_tls` Set Total TLS Settings or disable the feature for a Zone. ### Parameters - `params TotalTLSEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Enabled param.Field[bool]` Body param: If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `CertificateAuthority param.Field[CertificateAuthority]` Body param: The Certificate Authority that Total TLS certificates will be issued through. ### Returns - `type TotalTLSEditResponse struct{…}` - `CertificateAuthority CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `const CertificateAuthorityGoogle CertificateAuthority = "google"` - `const CertificateAuthorityLetsEncrypt CertificateAuthority = "lets_encrypt"` - `const CertificateAuthoritySSLCom CertificateAuthority = "ssl_com"` - `Enabled bool` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `ValidityPeriod TotalTLSEditResponseValidityPeriod` The validity period in days for the certificates ordered via Total TLS. - `const TotalTLSEditResponseValidityPeriod90 TotalTLSEditResponseValidityPeriod = 90` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.ACM.TotalTLS.Edit(context.TODO(), acm.TotalTLSEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Enabled: cloudflare.F(true), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response.ValidityPeriod) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Domain Types ### Certificate Authority - `type CertificateAuthority string` The Certificate Authority that Total TLS certificates will be issued through. - `const CertificateAuthorityGoogle CertificateAuthority = "google"` - `const CertificateAuthorityLetsEncrypt CertificateAuthority = "lets_encrypt"` - `const CertificateAuthoritySSLCom CertificateAuthority = "ssl_com"` # Custom Trust Store ## List Custom Origin Trust Store Details `client.ACM.CustomTrustStore.List(ctx, params) (*V4PagePaginationArray[CustomTrustStore], error)` **get** `/zones/{zone_id}/acm/custom_trust_store` Get Custom Origin Trust Store for a Zone. ### Parameters - `params CustomTrustStoreListParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Limit param.Field[int64]` Query param: Limit to the number of records returned. - `Offset param.Field[int64]` Query param: Offset the results - `Page param.Field[float64]` Query param: Page number of paginated results. - `PerPage param.Field[float64]` Query param: Number of records per page. ### Returns - `type CustomTrustStore struct{…}` - `ID string` Identifier. - `Certificate string` The zone's SSL certificate or certificate and the intermediate(s). - `ExpiresOn Time` When the certificate expires. - `Issuer string` The certificate authority that issued the certificate. - `Signature string` The type of hash used for the certificate. - `Status CustomTrustStoreStatus` Status of the zone's custom SSL. - `const CustomTrustStoreStatusInitializing CustomTrustStoreStatus = "initializing"` - `const CustomTrustStoreStatusPendingDeployment CustomTrustStoreStatus = "pending_deployment"` - `const CustomTrustStoreStatusActive CustomTrustStoreStatus = "active"` - `const CustomTrustStoreStatusPendingDeletion CustomTrustStoreStatus = "pending_deletion"` - `const CustomTrustStoreStatusDeleted CustomTrustStoreStatus = "deleted"` - `const CustomTrustStoreStatusExpired CustomTrustStoreStatus = "expired"` - `UpdatedAt Time` When the certificate was last modified. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.ACM.CustomTrustStore.List(context.TODO(), acm.CustomTrustStoreListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Upload Custom Origin Trust Store `client.ACM.CustomTrustStore.New(ctx, params) (*CustomTrustStore, error)` **post** `/zones/{zone_id}/acm/custom_trust_store` Add Custom Origin Trust Store for a Zone. ### Parameters - `params CustomTrustStoreNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Certificate param.Field[string]` Body param: The zone's SSL certificate or certificate and the intermediate(s). ### Returns - `type CustomTrustStore struct{…}` - `ID string` Identifier. - `Certificate string` The zone's SSL certificate or certificate and the intermediate(s). - `ExpiresOn Time` When the certificate expires. - `Issuer string` The certificate authority that issued the certificate. - `Signature string` The type of hash used for the certificate. - `Status CustomTrustStoreStatus` Status of the zone's custom SSL. - `const CustomTrustStoreStatusInitializing CustomTrustStoreStatus = "initializing"` - `const CustomTrustStoreStatusPendingDeployment CustomTrustStoreStatus = "pending_deployment"` - `const CustomTrustStoreStatusActive CustomTrustStoreStatus = "active"` - `const CustomTrustStoreStatusPendingDeletion CustomTrustStoreStatus = "pending_deletion"` - `const CustomTrustStoreStatusDeleted CustomTrustStoreStatus = "deleted"` - `const CustomTrustStoreStatusExpired CustomTrustStoreStatus = "expired"` - `UpdatedAt Time` When the certificate was last modified. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) customTrustStore, err := client.ACM.CustomTrustStore.New(context.TODO(), acm.CustomTrustStoreNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Certificate: cloudflare.F("-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", customTrustStore.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } } ``` ## Custom Origin Trust Store Details `client.ACM.CustomTrustStore.Get(ctx, customOriginTrustStoreID, query) (*CustomTrustStore, error)` **get** `/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}` Retrieves details about a specific certificate in the custom origin trust store, including expiration and subject information. ### Parameters - `customOriginTrustStoreID string` Identifier. - `query CustomTrustStoreGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type CustomTrustStore struct{…}` - `ID string` Identifier. - `Certificate string` The zone's SSL certificate or certificate and the intermediate(s). - `ExpiresOn Time` When the certificate expires. - `Issuer string` The certificate authority that issued the certificate. - `Signature string` The type of hash used for the certificate. - `Status CustomTrustStoreStatus` Status of the zone's custom SSL. - `const CustomTrustStoreStatusInitializing CustomTrustStoreStatus = "initializing"` - `const CustomTrustStoreStatusPendingDeployment CustomTrustStoreStatus = "pending_deployment"` - `const CustomTrustStoreStatusActive CustomTrustStoreStatus = "active"` - `const CustomTrustStoreStatusPendingDeletion CustomTrustStoreStatus = "pending_deletion"` - `const CustomTrustStoreStatusDeleted CustomTrustStoreStatus = "deleted"` - `const CustomTrustStoreStatusExpired CustomTrustStoreStatus = "expired"` - `UpdatedAt Time` When the certificate was last modified. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) customTrustStore, err := client.ACM.CustomTrustStore.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", acm.CustomTrustStoreGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", customTrustStore.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } } ``` ## Delete Custom Origin Trust Store `client.ACM.CustomTrustStore.Delete(ctx, customOriginTrustStoreID, body) (*CustomTrustStoreDeleteResponse, error)` **delete** `/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}` Removes a CA certificate from the custom origin trust store. Origins using certificates signed by this CA will no longer be trusted. ### Parameters - `customOriginTrustStoreID string` Identifier. - `body CustomTrustStoreDeleteParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type CustomTrustStoreDeleteResponse struct{…}` - `ID string` Identifier. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/acm" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) customTrustStore, err := client.ACM.CustomTrustStore.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", acm.CustomTrustStoreDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", customTrustStore.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Domain Types ### Custom Trust Store - `type CustomTrustStore struct{…}` - `ID string` Identifier. - `Certificate string` The zone's SSL certificate or certificate and the intermediate(s). - `ExpiresOn Time` When the certificate expires. - `Issuer string` The certificate authority that issued the certificate. - `Signature string` The type of hash used for the certificate. - `Status CustomTrustStoreStatus` Status of the zone's custom SSL. - `const CustomTrustStoreStatusInitializing CustomTrustStoreStatus = "initializing"` - `const CustomTrustStoreStatusPendingDeployment CustomTrustStoreStatus = "pending_deployment"` - `const CustomTrustStoreStatusActive CustomTrustStoreStatus = "active"` - `const CustomTrustStoreStatusPendingDeletion CustomTrustStoreStatus = "pending_deletion"` - `const CustomTrustStoreStatusDeleted CustomTrustStoreStatus = "deleted"` - `const CustomTrustStoreStatusExpired CustomTrustStoreStatus = "expired"` - `UpdatedAt Time` When the certificate was last modified. - `UploadedOn Time` When the certificate was uploaded to Cloudflare.