API Reference

Client Certificates

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

List Client Certificates

client.ClientCertificates.List(ctx, params) (*V4PagePaginationArray[ClientCertificate], error)

GET/zones/{zone_id}/client_certificates

List all of your Zone's API Shield mTLS Client Certificates by Status and/or using Pagination

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

SSL and Certificates WriteSSL and Certificates Read

ParametersExpand Collapse

params ClientCertificateListParams

ZoneID param.Field[string]

Path param: Identifier.

maxLength32

Limit param.Field[int64]optional

Query param: Limit to the number of records returned.

Offset param.Field[int64]optional

Query param: Offset the results

Page param.Field[float64]optional

Query param: Page number of paginated results.

minimum1

PerPage param.Field[float64]optional

Query param: Number of records per page.

maximum50

minimum5

Status param.Field[ClientCertificateListParamsStatus]optional

Query param: Client Certitifcate Status to filter results by.

const ClientCertificateListParamsStatusAll ClientCertificateListParamsStatus = "all"

const ClientCertificateListParamsStatusActive ClientCertificateListParamsStatus = "active"

const ClientCertificateListParamsStatusPendingReactivation ClientCertificateListParamsStatus = "pending_reactivation"

const ClientCertificateListParamsStatusPendingRevocation ClientCertificateListParamsStatus = "pending_revocation"

const ClientCertificateListParamsStatusRevoked ClientCertificateListParamsStatus = "revoked"

ReturnsExpand Collapse

type ClientCertificate struct{…}

ID stringoptional

Identifier.

maxLength32

Certificate stringoptional

The Client Certificate PEM

CertificateAuthority ClientCertificateCertificateAuthorityoptional

Certificate Authority used to issue the Client Certificate

ID stringoptional

Name stringoptional

CommonName stringoptional

Common Name of the Client Certificate

Country stringoptional

Country, provided by the CSR

Csr stringoptional

The Certificate Signing Request (CSR). Must be newline-encoded.

ExpiresOn stringoptional

Date that the Client Certificate expires

FingerprintSha256 stringoptional

Unique identifier of the Client Certificate

IssuedOn stringoptional

Date that the Client Certificate was issued by the Certificate Authority

Location stringoptional

Location, provided by the CSR

Organization stringoptional

Organization, provided by the CSR

OrganizationalUnit stringoptional

Organizational Unit, provided by the CSR

SerialNumber stringoptional

The serial number on the created Client Certificate.

Signature stringoptional

The type of hash used for the Client Certificate..

Ski stringoptional

Subject Key Identifier

State stringoptional

State, provided by the CSR

Status Statusoptional

Client Certificates may be active or revoked, and the pending_reactivation or pending_revocation represent in-progress asynchronous transitions

One of the following:

const StatusActive Status = "active"

const StatusPendingReactivation Status = "pending_reactivation"

const StatusPendingRevocation Status = "pending_revocation"

const StatusRevoked Status = "revoked"

ValidityDays int64optional

The number of days the Client Certificate will be valid after the issued_on date

List Client Certificates

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/client_certificates"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.ClientCertificates.List(context.TODO(), client_certificates.ClientCertificateListParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "certificate": "-----BEGIN CERTIFICATE-----\nMIIDmDCCAoC...dhDDE\n-----END CERTIFICATE-----",
      "certificate_authority": {
        "id": "568b6b74-7b0c-4755-8840-4e3b8c24adeb",
        "name": "Cloudflare Managed CA for account"
      },
      "common_name": "Cloudflare",
      "country": "US",
      "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----",
      "expires_on": "2033-02-20T23:18:00Z",
      "fingerprint_sha256": "256c24690243359fb8cf139a125bd05ebf1d968b71e4caf330718e9f5c8a89ea",
      "issued_on": "2023-02-23T23:18:00Z",
      "location": "Somewhere",
      "organization": "Organization",
      "organizational_unit": "Organizational Unit",
      "serial_number": "3bb94ff144ac567b9f75ad664b6c55f8d5e48182",
      "signature": "SHA256WithRSA",
      "ski": "8e375af1389a069a0f921f8cc8e1eb12d784b949",
      "state": "CA",
      "status": "active",
      "validity_days": 3650
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "certificate": "-----BEGIN CERTIFICATE-----\nMIIDmDCCAoC...dhDDE\n-----END CERTIFICATE-----",
      "certificate_authority": {
        "id": "568b6b74-7b0c-4755-8840-4e3b8c24adeb",
        "name": "Cloudflare Managed CA for account"
      },
      "common_name": "Cloudflare",
      "country": "US",
      "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICY....\n-----END CERTIFICATE REQUEST-----",
      "expires_on": "2033-02-20T23:18:00Z",
      "fingerprint_sha256": "256c24690243359fb8cf139a125bd05ebf1d968b71e4caf330718e9f5c8a89ea",
      "issued_on": "2023-02-23T23:18:00Z",
      "location": "Somewhere",
      "organization": "Organization",
      "organizational_unit": "Organizational Unit",
      "serial_number": "3bb94ff144ac567b9f75ad664b6c55f8d5e48182",
      "signature": "SHA256WithRSA",
      "ski": "8e375af1389a069a0f921f8cc8e1eb12d784b949",
      "state": "CA",
      "status": "active",
      "validity_days": 3650
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}