API Reference

Keyless Certificates

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Edit Keyless SSL Configuration

client.KeylessCertificates.Edit(ctx, keylessCertificateID, params) (*KeylessCertificate, error)

PATCH/zones/{zone_id}/keyless_certificates/{keyless_certificate_id}

This will update attributes of a Keyless SSL. Consists of one or more of the following: host,name,port.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

SSL and Certificates Write

ParametersExpand Collapse

keylessCertificateID string

Identifier.

maxLength32

params KeylessCertificateEditParams

ZoneID param.Field[string]

Path param: Identifier.

maxLength32

DeprecatedEnabled param.Field[bool]optional

Body param: Whether or not the Keyless SSL is on or off.

Host param.Field[string]optional

Body param: The keyless SSL name.

formathostname

maxLength253

Name param.Field[string]optional

Body param: The keyless SSL name.

maxLength180

Port param.Field[float64]optional

Body param: The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.

maxLength65535

Tunnel param.Field[Tunnel]optional

Body param: Configuration for using Keyless SSL through a Cloudflare Tunnel

ReturnsExpand Collapse

type KeylessCertificate struct{…}

ID string

Keyless certificate identifier tag.

maxLength32

CreatedOn Time

When the Keyless SSL was created.

formatdate-time

Enabled bool

Whether or not the Keyless SSL is on or off.

Host string

The keyless SSL name.

formathostname

maxLength253

ModifiedOn Time

When the Keyless SSL was last modified.

formatdate-time

Name string

The keyless SSL name.

maxLength180

Permissions []string

Available permissions for the Keyless SSL for the current user requesting the item.

Port float64

The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.

maxLength65535

Status KeylessCertificateStatus

Status of the Keyless SSL.

One of the following:

const KeylessCertificateStatusActive KeylessCertificateStatus = "active"

const KeylessCertificateStatusDeleted KeylessCertificateStatus = "deleted"

Tunnel Tunneloptional

Configuration for using Keyless SSL through a Cloudflare Tunnel

PrivateIP string

Private IP of the Key Server Host

VnetID string

Cloudflare Tunnel Virtual Network ID

Edit Keyless SSL Configuration

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/keyless_certificates"
  "github.com/cloudflare/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  keylessCertificate, err := client.KeylessCertificates.Edit(
    context.TODO(),
    "023e105f4ecef8ad9ca31a8372d0c353",
    keyless_certificates.KeylessCertificateEditParams{
      ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", keylessCertificate.ID)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}