## Create Custom Hostname `client.CustomHostnames.New(ctx, params) (*CustomHostnameNewResponse, error)` **post** `/zones/{zone_id}/custom_hostnames` Add a new custom hostname and request that an SSL certificate be issued for it. One of three validation methods—http, txt, email—should be used, with 'http' recommended if the CNAME is already in place (or will be soon). Specifying 'email' will send an email to the WHOIS contacts on file for the base domain plus hostmaster, postmaster, webmaster, admin, administrator. If http is used and the domain is not already pointing to the Managed CNAME host, the PATCH method must be used once it is (to complete validation). Enable bundling of certificates using the custom_cert_bundle field. The bundling process requires the following condition One certificate in the bundle must use an RSA, and the other must use an ECDSA. ### Parameters - `params CustomHostnameNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Hostname param.Field[string]` Body param: The custom hostname that will point to your hostname via CNAME. - `CustomMetadata param.Field[map[string, string]]` Body param: Unique key/value metadata for this hostname. These are per-hostname (customer) settings. - `SSL param.Field[CustomHostnameNewParamsSSL]` Body param: SSL properties used when creating the custom hostname. - `BundleMethod BundleMethod` A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - `const BundleMethodUbiquitous BundleMethod = "ubiquitous"` - `const BundleMethodOptimal BundleMethod = "optimal"` - `const BundleMethodForce BundleMethod = "force"` - `CertificateAuthority CertificateCA` The Certificate Authority that will issue the certificate - `const CertificateCADigicert CertificateCA = "digicert"` - `const CertificateCAGoogle CertificateCA = "google"` - `const CertificateCALetsEncrypt CertificateCA = "lets_encrypt"` - `const CertificateCASSLCom CertificateCA = "ssl_com"` - `CloudflareBranding bool` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true - `CustomCERTBundle []CustomHostnameNewParamsSSLCustomCERTBundle` Array of custom certificate and key pairs (1 or 2 pairs allowed) - `CustomCertificate string` If a custom uploaded certificate is used. - `CustomKey string` The key for a custom uploaded certificate. - `CustomCertificate string` If a custom uploaded certificate is used. - `CustomCsrID string` The identifier for the Custom CSR that was used. - `CustomKey string` The key for a custom uploaded certificate. - `Method DCVMethod` Domain control validation (DCV) method used for this hostname. - `const DCVMethodHTTP DCVMethod = "http"` - `const DCVMethodTXT DCVMethod = "txt"` - `const DCVMethodEmail DCVMethod = "email"` - `Settings CustomHostnameNewParamsSSLSettings` SSL specific settings. - `Ciphers []string` An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. - `EarlyHints CustomHostnameNewParamsSSLSettingsEarlyHints` Whether or not Early Hints is enabled. - `const CustomHostnameNewParamsSSLSettingsEarlyHintsOn CustomHostnameNewParamsSSLSettingsEarlyHints = "on"` - `const CustomHostnameNewParamsSSLSettingsEarlyHintsOff CustomHostnameNewParamsSSLSettingsEarlyHints = "off"` - `HTTP2 CustomHostnameNewParamsSSLSettingsHTTP2` Whether or not HTTP2 is enabled. - `const CustomHostnameNewParamsSSLSettingsHTTP2On CustomHostnameNewParamsSSLSettingsHTTP2 = "on"` - `const CustomHostnameNewParamsSSLSettingsHTTP2Off CustomHostnameNewParamsSSLSettingsHTTP2 = "off"` - `MinTLSVersion CustomHostnameNewParamsSSLSettingsMinTLSVersion` The minimum TLS version supported. - `const CustomHostnameNewParamsSSLSettingsMinTLSVersion1_0 CustomHostnameNewParamsSSLSettingsMinTLSVersion = "1.0"` - `const CustomHostnameNewParamsSSLSettingsMinTLSVersion1_1 CustomHostnameNewParamsSSLSettingsMinTLSVersion = "1.1"` - `const CustomHostnameNewParamsSSLSettingsMinTLSVersion1_2 CustomHostnameNewParamsSSLSettingsMinTLSVersion = "1.2"` - `const CustomHostnameNewParamsSSLSettingsMinTLSVersion1_3 CustomHostnameNewParamsSSLSettingsMinTLSVersion = "1.3"` - `TLS1_3 CustomHostnameNewParamsSSLSettingsTLS1_3` Whether or not TLS 1.3 is enabled. - `const CustomHostnameNewParamsSSLSettingsTLS1_3On CustomHostnameNewParamsSSLSettingsTLS1_3 = "on"` - `const CustomHostnameNewParamsSSLSettingsTLS1_3Off CustomHostnameNewParamsSSLSettingsTLS1_3 = "off"` - `Type DomainValidationType` Level of validation to be used for this hostname. Domain validation (dv) must be used. - `const DomainValidationTypeDv DomainValidationType = "dv"` - `Wildcard bool` Indicates whether the certificate covers a wildcard. ### Returns - `type CustomHostnameNewResponse struct{…}` - `ID string` Identifier. - `Hostname string` The custom hostname that will point to your hostname via CNAME. - `CreatedAt Time` This is the time the hostname was created. - `CustomMetadata map[string, string]` Unique key/value metadata for this hostname. These are per-hostname (customer) settings. - `CustomOriginServer string` a valid hostname that’s been added to your DNS zone as an A, AAAA, or CNAME record. - `CustomOriginSNI string` A hostname that will be sent to your custom origin server as SNI for TLS handshake. This can be a valid subdomain of the zone or custom origin server name or the string ':request_host_header:' which will cause the host header in the request to be used as SNI. Not configurable with default/fallback origin server. - `OwnershipVerification CustomHostnameNewResponseOwnershipVerification` This is a record which can be placed to activate a hostname. - `Name string` DNS Name for record. - `Type CustomHostnameNewResponseOwnershipVerificationType` DNS Record type. - `const CustomHostnameNewResponseOwnershipVerificationTypeTXT CustomHostnameNewResponseOwnershipVerificationType = "txt"` - `Value string` Content for the record. - `OwnershipVerificationHTTP CustomHostnameNewResponseOwnershipVerificationHTTP` This presents the token to be served by the given http url to activate a hostname. - `HTTPBody string` Token to be served. - `HTTPURL string` The HTTP URL that will be checked during custom hostname verification and where the customer should host the token. - `SSL CustomHostnameNewResponseSSL` - `ID string` Custom hostname SSL identifier tag. - `BundleMethod BundleMethod` A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - `const BundleMethodUbiquitous BundleMethod = "ubiquitous"` - `const BundleMethodOptimal BundleMethod = "optimal"` - `const BundleMethodForce BundleMethod = "force"` - `CertificateAuthority CertificateCA` The Certificate Authority that will issue the certificate - `const CertificateCADigicert CertificateCA = "digicert"` - `const CertificateCAGoogle CertificateCA = "google"` - `const CertificateCALetsEncrypt CertificateCA = "lets_encrypt"` - `const CertificateCASSLCom CertificateCA = "ssl_com"` - `CustomCertificate string` If a custom uploaded certificate is used. - `CustomCsrID string` The identifier for the Custom CSR that was used. - `CustomKey string` The key for a custom uploaded certificate. - `DCVDelegationRecords []CustomHostnameNewResponseSsldcvDelegationRecord` DCV Delegation records for domain validation. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `ExpiresOn Time` The time the custom certificate expires on. - `Hosts []string` A list of Hostnames on a custom uploaded certificate. - `Issuer string` The issuer on a custom uploaded certificate. - `Method DCVMethod` Domain control validation (DCV) method used for this hostname. - `const DCVMethodHTTP DCVMethod = "http"` - `const DCVMethodTXT DCVMethod = "txt"` - `const DCVMethodEmail DCVMethod = "email"` - `SerialNumber string` The serial number on a custom uploaded certificate. - `Settings CustomHostnameNewResponseSSLSettings` - `Ciphers []string` An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format. - `EarlyHints CustomHostnameNewResponseSSLSettingsEarlyHints` Whether or not Early Hints is enabled. - `const CustomHostnameNewResponseSSLSettingsEarlyHintsOn CustomHostnameNewResponseSSLSettingsEarlyHints = "on"` - `const CustomHostnameNewResponseSSLSettingsEarlyHintsOff CustomHostnameNewResponseSSLSettingsEarlyHints = "off"` - `HTTP2 CustomHostnameNewResponseSSLSettingsHTTP2` Whether or not HTTP2 is enabled. - `const CustomHostnameNewResponseSSLSettingsHTTP2On CustomHostnameNewResponseSSLSettingsHTTP2 = "on"` - `const CustomHostnameNewResponseSSLSettingsHTTP2Off CustomHostnameNewResponseSSLSettingsHTTP2 = "off"` - `MinTLSVersion CustomHostnameNewResponseSSLSettingsMinTLSVersion` The minimum TLS version supported. - `const CustomHostnameNewResponseSSLSettingsMinTLSVersion1_0 CustomHostnameNewResponseSSLSettingsMinTLSVersion = "1.0"` - `const CustomHostnameNewResponseSSLSettingsMinTLSVersion1_1 CustomHostnameNewResponseSSLSettingsMinTLSVersion = "1.1"` - `const CustomHostnameNewResponseSSLSettingsMinTLSVersion1_2 CustomHostnameNewResponseSSLSettingsMinTLSVersion = "1.2"` - `const CustomHostnameNewResponseSSLSettingsMinTLSVersion1_3 CustomHostnameNewResponseSSLSettingsMinTLSVersion = "1.3"` - `TLS1_3 CustomHostnameNewResponseSSLSettingsTLS1_3` Whether or not TLS 1.3 is enabled. - `const CustomHostnameNewResponseSSLSettingsTLS1_3On CustomHostnameNewResponseSSLSettingsTLS1_3 = "on"` - `const CustomHostnameNewResponseSSLSettingsTLS1_3Off CustomHostnameNewResponseSSLSettingsTLS1_3 = "off"` - `Signature string` The signature on a custom uploaded certificate. - `Status CustomHostnameNewResponseSSLStatus` Status of the hostname's SSL certificates. - `const CustomHostnameNewResponseSSLStatusInitializing CustomHostnameNewResponseSSLStatus = "initializing"` - `const CustomHostnameNewResponseSSLStatusPendingValidation CustomHostnameNewResponseSSLStatus = "pending_validation"` - `const CustomHostnameNewResponseSSLStatusDeleted CustomHostnameNewResponseSSLStatus = "deleted"` - `const CustomHostnameNewResponseSSLStatusPendingIssuance CustomHostnameNewResponseSSLStatus = "pending_issuance"` - `const CustomHostnameNewResponseSSLStatusPendingDeployment CustomHostnameNewResponseSSLStatus = "pending_deployment"` - `const CustomHostnameNewResponseSSLStatusPendingDeletion CustomHostnameNewResponseSSLStatus = "pending_deletion"` - `const CustomHostnameNewResponseSSLStatusPendingExpiration CustomHostnameNewResponseSSLStatus = "pending_expiration"` - `const CustomHostnameNewResponseSSLStatusExpired CustomHostnameNewResponseSSLStatus = "expired"` - `const CustomHostnameNewResponseSSLStatusActive CustomHostnameNewResponseSSLStatus = "active"` - `const CustomHostnameNewResponseSSLStatusInitializingTimedOut CustomHostnameNewResponseSSLStatus = "initializing_timed_out"` - `const CustomHostnameNewResponseSSLStatusValidationTimedOut CustomHostnameNewResponseSSLStatus = "validation_timed_out"` - `const CustomHostnameNewResponseSSLStatusIssuanceTimedOut CustomHostnameNewResponseSSLStatus = "issuance_timed_out"` - `const CustomHostnameNewResponseSSLStatusDeploymentTimedOut CustomHostnameNewResponseSSLStatus = "deployment_timed_out"` - `const CustomHostnameNewResponseSSLStatusDeletionTimedOut CustomHostnameNewResponseSSLStatus = "deletion_timed_out"` - `const CustomHostnameNewResponseSSLStatusPendingCleanup CustomHostnameNewResponseSSLStatus = "pending_cleanup"` - `const CustomHostnameNewResponseSSLStatusStagingDeployment CustomHostnameNewResponseSSLStatus = "staging_deployment"` - `const CustomHostnameNewResponseSSLStatusStagingActive CustomHostnameNewResponseSSLStatus = "staging_active"` - `const CustomHostnameNewResponseSSLStatusDeactivating CustomHostnameNewResponseSSLStatus = "deactivating"` - `const CustomHostnameNewResponseSSLStatusInactive CustomHostnameNewResponseSSLStatus = "inactive"` - `const CustomHostnameNewResponseSSLStatusBackupIssued CustomHostnameNewResponseSSLStatus = "backup_issued"` - `const CustomHostnameNewResponseSSLStatusHoldingDeployment CustomHostnameNewResponseSSLStatus = "holding_deployment"` - `Type DomainValidationType` Level of validation to be used for this hostname. Domain validation (dv) must be used. - `const DomainValidationTypeDv DomainValidationType = "dv"` - `UploadedOn Time` The time the custom certificate was uploaded. - `ValidationErrors []CustomHostnameNewResponseSSLValidationError` Domain validation errors that have been received by the certificate authority (CA). - `Message string` A domain validation error. - `ValidationRecords []CustomHostnameNewResponseSSLValidationRecord` - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `Wildcard bool` Indicates whether the certificate covers a wildcard. - `Status CustomHostnameNewResponseStatus` Status of the hostname's activation. - `const CustomHostnameNewResponseStatusActive CustomHostnameNewResponseStatus = "active"` - `const CustomHostnameNewResponseStatusPending CustomHostnameNewResponseStatus = "pending"` - `const CustomHostnameNewResponseStatusActiveRedeploying CustomHostnameNewResponseStatus = "active_redeploying"` - `const CustomHostnameNewResponseStatusMoved CustomHostnameNewResponseStatus = "moved"` - `const CustomHostnameNewResponseStatusPendingDeletion CustomHostnameNewResponseStatus = "pending_deletion"` - `const CustomHostnameNewResponseStatusDeleted CustomHostnameNewResponseStatus = "deleted"` - `const CustomHostnameNewResponseStatusPendingBlocked CustomHostnameNewResponseStatus = "pending_blocked"` - `const CustomHostnameNewResponseStatusPendingMigration CustomHostnameNewResponseStatus = "pending_migration"` - `const CustomHostnameNewResponseStatusPendingProvisioned CustomHostnameNewResponseStatus = "pending_provisioned"` - `const CustomHostnameNewResponseStatusTestPending CustomHostnameNewResponseStatus = "test_pending"` - `const CustomHostnameNewResponseStatusTestActive CustomHostnameNewResponseStatus = "test_active"` - `const CustomHostnameNewResponseStatusTestActiveApex CustomHostnameNewResponseStatus = "test_active_apex"` - `const CustomHostnameNewResponseStatusTestBlocked CustomHostnameNewResponseStatus = "test_blocked"` - `const CustomHostnameNewResponseStatusTestFailed CustomHostnameNewResponseStatus = "test_failed"` - `const CustomHostnameNewResponseStatusProvisioned CustomHostnameNewResponseStatus = "provisioned"` - `const CustomHostnameNewResponseStatusBlocked CustomHostnameNewResponseStatus = "blocked"` - `VerificationErrors []string` These are errors that were encountered while trying to activate a hostname. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/custom_hostnames" "github.com/cloudflare/cloudflare-go/option" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) customHostname, err := client.CustomHostnames.New(context.TODO(), custom_hostnames.CustomHostnameNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), Hostname: cloudflare.F("app.example.com"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", customHostname.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "hostname": "app.example.com", "created_at": "2020-02-06T18:11:23.531995Z", "custom_metadata": { "foo": "string" }, "custom_origin_server": "origin2.example.com", "custom_origin_sni": "sni.example.com", "ownership_verification": { "name": "_cf-custom-hostname.app.example.com", "type": "txt", "value": "5cc07c04-ea62-4a5a-95f0-419334a875a4" }, "ownership_verification_http": { "http_body": "5cc07c04-ea62-4a5a-95f0-419334a875a4", "http_url": "http://custom.test.com/.well-known/cf-custom-hostname-challenge/0d89c70d-ad9f-4843-b99f-6cc0252067e9" }, "ssl": { "id": "0d89c70d-ad9f-4843-b99f-6cc0252067e9", "bundle_method": "ubiquitous", "certificate_authority": "google", "custom_certificate": "-----BEGIN CERTIFICATE-----\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\n-----END CERTIFICATE-----\n", "custom_csr_id": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752", "custom_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n", "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "expires_on": "2021-02-06T18:11:23.531995Z", "hosts": [ "app.example.com", "*.app.example.com" ], "issuer": "DigiCertInc", "method": "http", "serial_number": "6743787633689793699141714808227354901", "settings": { "ciphers": [ "ECDHE-RSA-AES128-GCM-SHA256", "AES128-SHA" ], "early_hints": "on", "http2": "on", "min_tls_version": "1.2", "tls_1_3": "on" }, "signature": "SHA256WithRSA", "status": "pending_validation", "type": "dv", "uploaded_on": "2020-02-06T18:11:23.531995Z", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "wildcard": false }, "status": "pending", "verification_errors": [ "None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found." ] } } ```