# SSL # Analyze ## Analyze Certificate `client.SSL.Analyze.New(ctx, params) (*AnalyzeNewResponse, error)` **post** `/zones/{zone_id}/ssl/analyze` Returns the set of hostnames, the signature algorithm, and the expiration date of the certificate. ### Parameters - `params AnalyzeNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `BundleMethod param.Field[BundleMethod]` Body param: A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - `Certificate param.Field[string]` Body param: The zone's SSL certificate or certificate and the intermediate(s). ### Returns - `type AnalyzeNewResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) analyze, err := client.SSL.Analyze.New(context.TODO(), ssl.AnalyzeNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", analyze) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` # Certificate Packs ## List Certificate Packs `client.SSL.CertificatePacks.List(ctx, params) (*V4PagePaginationArray[CertificatePackListResponse], error)` **get** `/zones/{zone_id}/ssl/certificate_packs` For a given zone, list all active certificate packs. ### Parameters - `params CertificatePackListParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Deploy param.Field[CertificatePackListParamsDeploy]` Query param: Specify the deployment environment for the certificate packs. - `const CertificatePackListParamsDeployStaging CertificatePackListParamsDeploy = "staging"` - `const CertificatePackListParamsDeployProduction CertificatePackListParamsDeploy = "production"` - `Page param.Field[float64]` Query param: Page number of paginated results. - `PerPage param.Field[float64]` Query param: Number of certificate packs per page. - `Status param.Field[CertificatePackListParamsStatus]` Query param: Include Certificate Packs of all statuses, not just active ones. - `const CertificatePackListParamsStatusAll CertificatePackListParamsStatus = "all"` ### Returns - `type CertificatePackListResponse struct{…}` A certificate pack with all its properties. - `ID string` Identifier. - `Certificates []CertificatePackListResponseCertificate` Array of certificates in this pack. - `ID string` Certificate identifier. - `Hosts []string` Hostnames covered by this certificate. - `Status string` Certificate status. - `BundleMethod string` Certificate bundle method. - `ExpiresOn Time` When the certificate from the authority expires. - `GeoRestrictions CertificatePackListResponseCertificatesGeoRestrictions` Specify the region where your private key can be held locally. - `Label CertificatePackListResponseCertificatesGeoRestrictionsLabel` - `const CertificatePackListResponseCertificatesGeoRestrictionsLabelUs CertificatePackListResponseCertificatesGeoRestrictionsLabel = "us"` - `const CertificatePackListResponseCertificatesGeoRestrictionsLabelEu CertificatePackListResponseCertificatesGeoRestrictionsLabel = "eu"` - `const CertificatePackListResponseCertificatesGeoRestrictionsLabelHighestSecurity CertificatePackListResponseCertificatesGeoRestrictionsLabel = "highest_security"` - `Issuer string` The certificate authority that issued the certificate. - `ModifiedOn Time` When the certificate was last modified. - `Priority float64` The order/priority in which the certificate will be used. - `Signature string` The type of hash used for the certificate. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. - `ZoneID string` Identifier. - `Hosts []Host` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `Status Status` Status of certificate pack. - `const StatusInitializing Status = "initializing"` - `const StatusPendingValidation Status = "pending_validation"` - `const StatusDeleted Status = "deleted"` - `const StatusPendingIssuance Status = "pending_issuance"` - `const StatusPendingDeployment Status = "pending_deployment"` - `const StatusPendingDeletion Status = "pending_deletion"` - `const StatusPendingExpiration Status = "pending_expiration"` - `const StatusExpired Status = "expired"` - `const StatusActive Status = "active"` - `const StatusInitializingTimedOut Status = "initializing_timed_out"` - `const StatusValidationTimedOut Status = "validation_timed_out"` - `const StatusIssuanceTimedOut Status = "issuance_timed_out"` - `const StatusDeploymentTimedOut Status = "deployment_timed_out"` - `const StatusDeletionTimedOut Status = "deletion_timed_out"` - `const StatusPendingCleanup Status = "pending_cleanup"` - `const StatusStagingDeployment Status = "staging_deployment"` - `const StatusStagingActive Status = "staging_active"` - `const StatusDeactivating Status = "deactivating"` - `const StatusInactive Status = "inactive"` - `const StatusBackupIssued Status = "backup_issued"` - `const StatusHoldingDeployment Status = "holding_deployment"` - `Type CertificatePackListResponseType` Type of certificate pack. - `const CertificatePackListResponseTypeMhCustom CertificatePackListResponseType = "mh_custom"` - `const CertificatePackListResponseTypeManagedHostname CertificatePackListResponseType = "managed_hostname"` - `const CertificatePackListResponseTypeSNICustom CertificatePackListResponseType = "sni_custom"` - `const CertificatePackListResponseTypeUniversal CertificatePackListResponseType = "universal"` - `const CertificatePackListResponseTypeAdvanced CertificatePackListResponseType = "advanced"` - `const CertificatePackListResponseTypeTotalTLS CertificatePackListResponseType = "total_tls"` - `const CertificatePackListResponseTypeKeyless CertificatePackListResponseType = "keyless"` - `const CertificatePackListResponseTypeLegacyCustom CertificatePackListResponseType = "legacy_custom"` - `CertificateAuthority CertificatePackListResponseCertificateAuthority` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `const CertificatePackListResponseCertificateAuthorityGoogle CertificatePackListResponseCertificateAuthority = "google"` - `const CertificatePackListResponseCertificateAuthorityLetsEncrypt CertificatePackListResponseCertificateAuthority = "lets_encrypt"` - `const CertificatePackListResponseCertificateAuthoritySSLCom CertificatePackListResponseCertificateAuthority = "ssl_com"` - `CloudflareBranding bool` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `DCVDelegationRecords []CertificatePackListResponseDCVDelegationRecord` DCV Delegation records for domain validation. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `PrimaryCertificate string` Identifier of the primary certificate in a pack. - `ValidationErrors []CertificatePackListResponseValidationError` Domain validation errors that have been received by the certificate authority (CA). - `Message string` A domain validation error. - `ValidationMethod CertificatePackListResponseValidationMethod` Validation Method selected for the order. - `const CertificatePackListResponseValidationMethodTXT CertificatePackListResponseValidationMethod = "txt"` - `const CertificatePackListResponseValidationMethodHTTP CertificatePackListResponseValidationMethod = "http"` - `const CertificatePackListResponseValidationMethodEmail CertificatePackListResponseValidationMethod = "email"` - `ValidationRecords []CertificatePackListResponseValidationRecord` Certificates' validation records. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `ValidityDays CertificatePackListResponseValidityDays` Validity Days selected for the order. - `const CertificatePackListResponseValidityDays14 CertificatePackListResponseValidityDays = 14` - `const CertificatePackListResponseValidityDays30 CertificatePackListResponseValidityDays = 30` - `const CertificatePackListResponseValidityDays90 CertificatePackListResponseValidityDays = 90` - `const CertificatePackListResponseValidityDays365 CertificatePackListResponseValidityDays = 365` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) page, err := client.SSL.CertificatePacks.List(context.TODO(), ssl.CertificatePackListParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Get Certificate Pack `client.SSL.CertificatePacks.Get(ctx, certificatePackID, query) (*CertificatePackGetResponse, error)` **get** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, get a certificate pack. ### Parameters - `certificatePackID string` Identifier. - `query CertificatePackGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type CertificatePackGetResponse struct{…}` A certificate pack with all its properties. - `ID string` Identifier. - `Certificates []CertificatePackGetResponseCertificate` Array of certificates in this pack. - `ID string` Certificate identifier. - `Hosts []string` Hostnames covered by this certificate. - `Status string` Certificate status. - `BundleMethod string` Certificate bundle method. - `ExpiresOn Time` When the certificate from the authority expires. - `GeoRestrictions CertificatePackGetResponseCertificatesGeoRestrictions` Specify the region where your private key can be held locally. - `Label CertificatePackGetResponseCertificatesGeoRestrictionsLabel` - `const CertificatePackGetResponseCertificatesGeoRestrictionsLabelUs CertificatePackGetResponseCertificatesGeoRestrictionsLabel = "us"` - `const CertificatePackGetResponseCertificatesGeoRestrictionsLabelEu CertificatePackGetResponseCertificatesGeoRestrictionsLabel = "eu"` - `const CertificatePackGetResponseCertificatesGeoRestrictionsLabelHighestSecurity CertificatePackGetResponseCertificatesGeoRestrictionsLabel = "highest_security"` - `Issuer string` The certificate authority that issued the certificate. - `ModifiedOn Time` When the certificate was last modified. - `Priority float64` The order/priority in which the certificate will be used. - `Signature string` The type of hash used for the certificate. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. - `ZoneID string` Identifier. - `Hosts []Host` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `Status Status` Status of certificate pack. - `const StatusInitializing Status = "initializing"` - `const StatusPendingValidation Status = "pending_validation"` - `const StatusDeleted Status = "deleted"` - `const StatusPendingIssuance Status = "pending_issuance"` - `const StatusPendingDeployment Status = "pending_deployment"` - `const StatusPendingDeletion Status = "pending_deletion"` - `const StatusPendingExpiration Status = "pending_expiration"` - `const StatusExpired Status = "expired"` - `const StatusActive Status = "active"` - `const StatusInitializingTimedOut Status = "initializing_timed_out"` - `const StatusValidationTimedOut Status = "validation_timed_out"` - `const StatusIssuanceTimedOut Status = "issuance_timed_out"` - `const StatusDeploymentTimedOut Status = "deployment_timed_out"` - `const StatusDeletionTimedOut Status = "deletion_timed_out"` - `const StatusPendingCleanup Status = "pending_cleanup"` - `const StatusStagingDeployment Status = "staging_deployment"` - `const StatusStagingActive Status = "staging_active"` - `const StatusDeactivating Status = "deactivating"` - `const StatusInactive Status = "inactive"` - `const StatusBackupIssued Status = "backup_issued"` - `const StatusHoldingDeployment Status = "holding_deployment"` - `Type CertificatePackGetResponseType` Type of certificate pack. - `const CertificatePackGetResponseTypeMhCustom CertificatePackGetResponseType = "mh_custom"` - `const CertificatePackGetResponseTypeManagedHostname CertificatePackGetResponseType = "managed_hostname"` - `const CertificatePackGetResponseTypeSNICustom CertificatePackGetResponseType = "sni_custom"` - `const CertificatePackGetResponseTypeUniversal CertificatePackGetResponseType = "universal"` - `const CertificatePackGetResponseTypeAdvanced CertificatePackGetResponseType = "advanced"` - `const CertificatePackGetResponseTypeTotalTLS CertificatePackGetResponseType = "total_tls"` - `const CertificatePackGetResponseTypeKeyless CertificatePackGetResponseType = "keyless"` - `const CertificatePackGetResponseTypeLegacyCustom CertificatePackGetResponseType = "legacy_custom"` - `CertificateAuthority CertificatePackGetResponseCertificateAuthority` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `const CertificatePackGetResponseCertificateAuthorityGoogle CertificatePackGetResponseCertificateAuthority = "google"` - `const CertificatePackGetResponseCertificateAuthorityLetsEncrypt CertificatePackGetResponseCertificateAuthority = "lets_encrypt"` - `const CertificatePackGetResponseCertificateAuthoritySSLCom CertificatePackGetResponseCertificateAuthority = "ssl_com"` - `CloudflareBranding bool` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `DCVDelegationRecords []CertificatePackGetResponseDCVDelegationRecord` DCV Delegation records for domain validation. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `PrimaryCertificate string` Identifier of the primary certificate in a pack. - `ValidationErrors []CertificatePackGetResponseValidationError` Domain validation errors that have been received by the certificate authority (CA). - `Message string` A domain validation error. - `ValidationMethod CertificatePackGetResponseValidationMethod` Validation Method selected for the order. - `const CertificatePackGetResponseValidationMethodTXT CertificatePackGetResponseValidationMethod = "txt"` - `const CertificatePackGetResponseValidationMethodHTTP CertificatePackGetResponseValidationMethod = "http"` - `const CertificatePackGetResponseValidationMethodEmail CertificatePackGetResponseValidationMethod = "email"` - `ValidationRecords []CertificatePackGetResponseValidationRecord` Certificates' validation records. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `ValidityDays CertificatePackGetResponseValidityDays` Validity Days selected for the order. - `const CertificatePackGetResponseValidityDays14 CertificatePackGetResponseValidityDays = 14` - `const CertificatePackGetResponseValidityDays30 CertificatePackGetResponseValidityDays = 30` - `const CertificatePackGetResponseValidityDays90 CertificatePackGetResponseValidityDays = 90` - `const CertificatePackGetResponseValidityDays365 CertificatePackGetResponseValidityDays = 365` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) certificatePack, err := client.SSL.CertificatePacks.Get( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", ssl.CertificatePackGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", certificatePack.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Order Advanced Certificate Manager Certificate Pack `client.SSL.CertificatePacks.New(ctx, params) (*CertificatePackNewResponse, error)` **post** `/zones/{zone_id}/ssl/certificate_packs/order` For a given zone, order an advanced certificate pack. ### Parameters - `params CertificatePackNewParams` - `ZoneID param.Field[string]` Path param: Identifier. - `CertificateAuthority param.Field[CertificatePackNewParamsCertificateAuthority]` Body param: Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `const CertificatePackNewParamsCertificateAuthorityGoogle CertificatePackNewParamsCertificateAuthority = "google"` - `const CertificatePackNewParamsCertificateAuthorityLetsEncrypt CertificatePackNewParamsCertificateAuthority = "lets_encrypt"` - `const CertificatePackNewParamsCertificateAuthoritySSLCom CertificatePackNewParamsCertificateAuthority = "ssl_com"` - `Hosts param.Field[[]Host]` Body param: Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `Type param.Field[CertificatePackNewParamsType]` Body param: Type of certificate pack. - `const CertificatePackNewParamsTypeAdvanced CertificatePackNewParamsType = "advanced"` - `ValidationMethod param.Field[CertificatePackNewParamsValidationMethod]` Body param: Validation Method selected for the order. - `const CertificatePackNewParamsValidationMethodTXT CertificatePackNewParamsValidationMethod = "txt"` - `const CertificatePackNewParamsValidationMethodHTTP CertificatePackNewParamsValidationMethod = "http"` - `const CertificatePackNewParamsValidationMethodEmail CertificatePackNewParamsValidationMethod = "email"` - `ValidityDays param.Field[CertificatePackNewParamsValidityDays]` Body param: Validity Days selected for the order. - `const CertificatePackNewParamsValidityDays14 CertificatePackNewParamsValidityDays = 14` - `const CertificatePackNewParamsValidityDays30 CertificatePackNewParamsValidityDays = 30` - `const CertificatePackNewParamsValidityDays90 CertificatePackNewParamsValidityDays = 90` - `const CertificatePackNewParamsValidityDays365 CertificatePackNewParamsValidityDays = 365` - `CloudflareBranding param.Field[bool]` Body param: Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. ### Returns - `type CertificatePackNewResponse struct{…}` A certificate pack with all its properties. - `ID string` Identifier. - `Certificates []CertificatePackNewResponseCertificate` Array of certificates in this pack. - `ID string` Certificate identifier. - `Hosts []string` Hostnames covered by this certificate. - `Status string` Certificate status. - `BundleMethod string` Certificate bundle method. - `ExpiresOn Time` When the certificate from the authority expires. - `GeoRestrictions CertificatePackNewResponseCertificatesGeoRestrictions` Specify the region where your private key can be held locally. - `Label CertificatePackNewResponseCertificatesGeoRestrictionsLabel` - `const CertificatePackNewResponseCertificatesGeoRestrictionsLabelUs CertificatePackNewResponseCertificatesGeoRestrictionsLabel = "us"` - `const CertificatePackNewResponseCertificatesGeoRestrictionsLabelEu CertificatePackNewResponseCertificatesGeoRestrictionsLabel = "eu"` - `const CertificatePackNewResponseCertificatesGeoRestrictionsLabelHighestSecurity CertificatePackNewResponseCertificatesGeoRestrictionsLabel = "highest_security"` - `Issuer string` The certificate authority that issued the certificate. - `ModifiedOn Time` When the certificate was last modified. - `Priority float64` The order/priority in which the certificate will be used. - `Signature string` The type of hash used for the certificate. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. - `ZoneID string` Identifier. - `Hosts []Host` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `Status Status` Status of certificate pack. - `const StatusInitializing Status = "initializing"` - `const StatusPendingValidation Status = "pending_validation"` - `const StatusDeleted Status = "deleted"` - `const StatusPendingIssuance Status = "pending_issuance"` - `const StatusPendingDeployment Status = "pending_deployment"` - `const StatusPendingDeletion Status = "pending_deletion"` - `const StatusPendingExpiration Status = "pending_expiration"` - `const StatusExpired Status = "expired"` - `const StatusActive Status = "active"` - `const StatusInitializingTimedOut Status = "initializing_timed_out"` - `const StatusValidationTimedOut Status = "validation_timed_out"` - `const StatusIssuanceTimedOut Status = "issuance_timed_out"` - `const StatusDeploymentTimedOut Status = "deployment_timed_out"` - `const StatusDeletionTimedOut Status = "deletion_timed_out"` - `const StatusPendingCleanup Status = "pending_cleanup"` - `const StatusStagingDeployment Status = "staging_deployment"` - `const StatusStagingActive Status = "staging_active"` - `const StatusDeactivating Status = "deactivating"` - `const StatusInactive Status = "inactive"` - `const StatusBackupIssued Status = "backup_issued"` - `const StatusHoldingDeployment Status = "holding_deployment"` - `Type CertificatePackNewResponseType` Type of certificate pack. - `const CertificatePackNewResponseTypeMhCustom CertificatePackNewResponseType = "mh_custom"` - `const CertificatePackNewResponseTypeManagedHostname CertificatePackNewResponseType = "managed_hostname"` - `const CertificatePackNewResponseTypeSNICustom CertificatePackNewResponseType = "sni_custom"` - `const CertificatePackNewResponseTypeUniversal CertificatePackNewResponseType = "universal"` - `const CertificatePackNewResponseTypeAdvanced CertificatePackNewResponseType = "advanced"` - `const CertificatePackNewResponseTypeTotalTLS CertificatePackNewResponseType = "total_tls"` - `const CertificatePackNewResponseTypeKeyless CertificatePackNewResponseType = "keyless"` - `const CertificatePackNewResponseTypeLegacyCustom CertificatePackNewResponseType = "legacy_custom"` - `CertificateAuthority CertificatePackNewResponseCertificateAuthority` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `const CertificatePackNewResponseCertificateAuthorityGoogle CertificatePackNewResponseCertificateAuthority = "google"` - `const CertificatePackNewResponseCertificateAuthorityLetsEncrypt CertificatePackNewResponseCertificateAuthority = "lets_encrypt"` - `const CertificatePackNewResponseCertificateAuthoritySSLCom CertificatePackNewResponseCertificateAuthority = "ssl_com"` - `CloudflareBranding bool` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `DCVDelegationRecords []CertificatePackNewResponseDCVDelegationRecord` DCV Delegation records for domain validation. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `PrimaryCertificate string` Identifier of the primary certificate in a pack. - `ValidationErrors []CertificatePackNewResponseValidationError` Domain validation errors that have been received by the certificate authority (CA). - `Message string` A domain validation error. - `ValidationMethod CertificatePackNewResponseValidationMethod` Validation Method selected for the order. - `const CertificatePackNewResponseValidationMethodTXT CertificatePackNewResponseValidationMethod = "txt"` - `const CertificatePackNewResponseValidationMethodHTTP CertificatePackNewResponseValidationMethod = "http"` - `const CertificatePackNewResponseValidationMethodEmail CertificatePackNewResponseValidationMethod = "email"` - `ValidationRecords []CertificatePackNewResponseValidationRecord` Certificates' validation records. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `ValidityDays CertificatePackNewResponseValidityDays` Validity Days selected for the order. - `const CertificatePackNewResponseValidityDays14 CertificatePackNewResponseValidityDays = 14` - `const CertificatePackNewResponseValidityDays30 CertificatePackNewResponseValidityDays = 30` - `const CertificatePackNewResponseValidityDays90 CertificatePackNewResponseValidityDays = 90` - `const CertificatePackNewResponseValidityDays365 CertificatePackNewResponseValidityDays = 365` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) certificatePack, err := client.SSL.CertificatePacks.New(context.TODO(), ssl.CertificatePackNewParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), CertificateAuthority: cloudflare.F(ssl.CertificatePackNewParamsCertificateAuthorityLetsEncrypt), Hosts: cloudflare.F([]ssl.HostParam{"example.com", "*.example.com", "www.example.com"}), Type: cloudflare.F(ssl.CertificatePackNewParamsTypeAdvanced), ValidationMethod: cloudflare.F(ssl.CertificatePackNewParamsValidationMethodTXT), ValidityDays: cloudflare.F(ssl.CertificatePackNewParamsValidityDays14), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", certificatePack.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Restart Validation or Update Advanced Certificate Manager Certificate Pack `client.SSL.CertificatePacks.Edit(ctx, certificatePackID, params) (*CertificatePackEditResponse, error)` **patch** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, restart validation or add cloudflare branding for an advanced certificate pack. The former is only a validation operation for a Certificate Pack in a validation_timed_out status. ### Parameters - `certificatePackID string` Identifier. - `params CertificatePackEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `CloudflareBranding param.Field[bool]` Body param: Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. ### Returns - `type CertificatePackEditResponse struct{…}` A certificate pack with all its properties. - `ID string` Identifier. - `Certificates []CertificatePackEditResponseCertificate` Array of certificates in this pack. - `ID string` Certificate identifier. - `Hosts []string` Hostnames covered by this certificate. - `Status string` Certificate status. - `BundleMethod string` Certificate bundle method. - `ExpiresOn Time` When the certificate from the authority expires. - `GeoRestrictions CertificatePackEditResponseCertificatesGeoRestrictions` Specify the region where your private key can be held locally. - `Label CertificatePackEditResponseCertificatesGeoRestrictionsLabel` - `const CertificatePackEditResponseCertificatesGeoRestrictionsLabelUs CertificatePackEditResponseCertificatesGeoRestrictionsLabel = "us"` - `const CertificatePackEditResponseCertificatesGeoRestrictionsLabelEu CertificatePackEditResponseCertificatesGeoRestrictionsLabel = "eu"` - `const CertificatePackEditResponseCertificatesGeoRestrictionsLabelHighestSecurity CertificatePackEditResponseCertificatesGeoRestrictionsLabel = "highest_security"` - `Issuer string` The certificate authority that issued the certificate. - `ModifiedOn Time` When the certificate was last modified. - `Priority float64` The order/priority in which the certificate will be used. - `Signature string` The type of hash used for the certificate. - `UploadedOn Time` When the certificate was uploaded to Cloudflare. - `ZoneID string` Identifier. - `Hosts []Host` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `Status Status` Status of certificate pack. - `const StatusInitializing Status = "initializing"` - `const StatusPendingValidation Status = "pending_validation"` - `const StatusDeleted Status = "deleted"` - `const StatusPendingIssuance Status = "pending_issuance"` - `const StatusPendingDeployment Status = "pending_deployment"` - `const StatusPendingDeletion Status = "pending_deletion"` - `const StatusPendingExpiration Status = "pending_expiration"` - `const StatusExpired Status = "expired"` - `const StatusActive Status = "active"` - `const StatusInitializingTimedOut Status = "initializing_timed_out"` - `const StatusValidationTimedOut Status = "validation_timed_out"` - `const StatusIssuanceTimedOut Status = "issuance_timed_out"` - `const StatusDeploymentTimedOut Status = "deployment_timed_out"` - `const StatusDeletionTimedOut Status = "deletion_timed_out"` - `const StatusPendingCleanup Status = "pending_cleanup"` - `const StatusStagingDeployment Status = "staging_deployment"` - `const StatusStagingActive Status = "staging_active"` - `const StatusDeactivating Status = "deactivating"` - `const StatusInactive Status = "inactive"` - `const StatusBackupIssued Status = "backup_issued"` - `const StatusHoldingDeployment Status = "holding_deployment"` - `Type CertificatePackEditResponseType` Type of certificate pack. - `const CertificatePackEditResponseTypeMhCustom CertificatePackEditResponseType = "mh_custom"` - `const CertificatePackEditResponseTypeManagedHostname CertificatePackEditResponseType = "managed_hostname"` - `const CertificatePackEditResponseTypeSNICustom CertificatePackEditResponseType = "sni_custom"` - `const CertificatePackEditResponseTypeUniversal CertificatePackEditResponseType = "universal"` - `const CertificatePackEditResponseTypeAdvanced CertificatePackEditResponseType = "advanced"` - `const CertificatePackEditResponseTypeTotalTLS CertificatePackEditResponseType = "total_tls"` - `const CertificatePackEditResponseTypeKeyless CertificatePackEditResponseType = "keyless"` - `const CertificatePackEditResponseTypeLegacyCustom CertificatePackEditResponseType = "legacy_custom"` - `CertificateAuthority CertificatePackEditResponseCertificateAuthority` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `const CertificatePackEditResponseCertificateAuthorityGoogle CertificatePackEditResponseCertificateAuthority = "google"` - `const CertificatePackEditResponseCertificateAuthorityLetsEncrypt CertificatePackEditResponseCertificateAuthority = "lets_encrypt"` - `const CertificatePackEditResponseCertificateAuthoritySSLCom CertificatePackEditResponseCertificateAuthority = "ssl_com"` - `CloudflareBranding bool` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `DCVDelegationRecords []CertificatePackEditResponseDCVDelegationRecord` DCV Delegation records for domain validation. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `PrimaryCertificate string` Identifier of the primary certificate in a pack. - `ValidationErrors []CertificatePackEditResponseValidationError` Domain validation errors that have been received by the certificate authority (CA). - `Message string` A domain validation error. - `ValidationMethod CertificatePackEditResponseValidationMethod` Validation Method selected for the order. - `const CertificatePackEditResponseValidationMethodTXT CertificatePackEditResponseValidationMethod = "txt"` - `const CertificatePackEditResponseValidationMethodHTTP CertificatePackEditResponseValidationMethod = "http"` - `const CertificatePackEditResponseValidationMethodEmail CertificatePackEditResponseValidationMethod = "email"` - `ValidationRecords []CertificatePackEditResponseValidationRecord` Certificates' validation records. - `CNAME string` The CNAME record hostname for DCV delegation. - `CNAMETarget string` The CNAME record target value for DCV delegation. - `Emails []string` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `HTTPBody string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `HTTPURL string` The url that will be checked during domain validation. - `Status string` Status of the validation record. - `TXTName string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `TXTValue string` The TXT record that the certificate authority (CA) will check during domain validation. - `ValidityDays CertificatePackEditResponseValidityDays` Validity Days selected for the order. - `const CertificatePackEditResponseValidityDays14 CertificatePackEditResponseValidityDays = 14` - `const CertificatePackEditResponseValidityDays30 CertificatePackEditResponseValidityDays = 30` - `const CertificatePackEditResponseValidityDays90 CertificatePackEditResponseValidityDays = 90` - `const CertificatePackEditResponseValidityDays365 CertificatePackEditResponseValidityDays = 365` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.SSL.CertificatePacks.Edit( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", ssl.CertificatePackEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Delete Advanced Certificate Manager Certificate Pack `client.SSL.CertificatePacks.Delete(ctx, certificatePackID, body) (*CertificatePackDeleteResponse, error)` **delete** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, delete an advanced certificate pack. ### Parameters - `certificatePackID string` Identifier. - `body CertificatePackDeleteParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type CertificatePackDeleteResponse struct{…}` - `ID string` Identifier. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) certificatePack, err := client.SSL.CertificatePacks.Delete( context.TODO(), "023e105f4ecef8ad9ca31a8372d0c353", ssl.CertificatePackDeleteParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", certificatePack.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Domain Types ### Host - `type Host string` ### Request Validity - `type RequestValidity float64` The number of days for which the certificate should be valid. - `const RequestValidity7 RequestValidity = 7` - `const RequestValidity30 RequestValidity = 30` - `const RequestValidity90 RequestValidity = 90` - `const RequestValidity365 RequestValidity = 365` - `const RequestValidity730 RequestValidity = 730` - `const RequestValidity1095 RequestValidity = 1095` - `const RequestValidity5475 RequestValidity = 5475` ### Status - `type Status string` Status of certificate pack. - `const StatusInitializing Status = "initializing"` - `const StatusPendingValidation Status = "pending_validation"` - `const StatusDeleted Status = "deleted"` - `const StatusPendingIssuance Status = "pending_issuance"` - `const StatusPendingDeployment Status = "pending_deployment"` - `const StatusPendingDeletion Status = "pending_deletion"` - `const StatusPendingExpiration Status = "pending_expiration"` - `const StatusExpired Status = "expired"` - `const StatusActive Status = "active"` - `const StatusInitializingTimedOut Status = "initializing_timed_out"` - `const StatusValidationTimedOut Status = "validation_timed_out"` - `const StatusIssuanceTimedOut Status = "issuance_timed_out"` - `const StatusDeploymentTimedOut Status = "deployment_timed_out"` - `const StatusDeletionTimedOut Status = "deletion_timed_out"` - `const StatusPendingCleanup Status = "pending_cleanup"` - `const StatusStagingDeployment Status = "staging_deployment"` - `const StatusStagingActive Status = "staging_active"` - `const StatusDeactivating Status = "deactivating"` - `const StatusInactive Status = "inactive"` - `const StatusBackupIssued Status = "backup_issued"` - `const StatusHoldingDeployment Status = "holding_deployment"` ### Validation Method - `type ValidationMethod string` Validation method in use for a certificate pack order. - `const ValidationMethodHTTP ValidationMethod = "http"` - `const ValidationMethodCNAME ValidationMethod = "cname"` - `const ValidationMethodTXT ValidationMethod = "txt"` # Quota ## Get Certificate Pack Quotas `client.SSL.CertificatePacks.Quota.Get(ctx, query) (*CertificatePackQuotaGetResponse, error)` **get** `/zones/{zone_id}/ssl/certificate_packs/quota` For a given zone, list certificate pack quotas. ### Parameters - `query CertificatePackQuotaGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type CertificatePackQuotaGetResponse struct{…}` - `Advanced CertificatePackQuotaGetResponseAdvanced` - `Allocated int64` Quantity Allocated. - `Used int64` Quantity Used. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) quota, err := client.SSL.CertificatePacks.Quota.Get(context.TODO(), ssl.CertificatePackQuotaGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", quota.Advanced) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "advanced": { "allocated": 0, "used": 0 } } } ``` # Recommendations ## SSL/TLS Recommendation `client.SSL.Recommendations.Get(ctx, query) (*RecommendationGetResponse, error)` **get** `/zones/{zone_id}/ssl/recommendation` Retrieve the SSL/TLS Recommender's recommendation for a zone. ### Parameters - `query RecommendationGetParams` - `ZoneID param.Field[string]` ### Returns - `type RecommendationGetResponse struct{…}` - `ID string` - `Editable bool` Whether this setting can be updated or not. - `ModifiedOn Time` Last time this setting was modified. - `Value RecommendationGetResponseValue` Current setting of the automatic SSL/TLS. - `const RecommendationGetResponseValueAuto RecommendationGetResponseValue = "auto"` - `const RecommendationGetResponseValueCustom RecommendationGetResponseValue = "custom"` - `NextScheduledScan Time` Next time this zone will be scanned by the Automatic SSL/TLS. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) recommendation, err := client.SSL.Recommendations.Get(context.TODO(), ssl.RecommendationGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", recommendation.ID) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "ssl_automatic_mode", "editable": true, "modified_on": "2014-01-01T05:20:00.12345Z", "value": "auto", "next_scheduled_scan": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` # Automatic Upgrader # Universal # Settings ## Universal SSL Settings Details `client.SSL.Universal.Settings.Get(ctx, query) (*UniversalSSLSettings, error)` **get** `/zones/{zone_id}/ssl/universal/settings` Get Universal SSL Settings for a Zone. ### Parameters - `query UniversalSettingGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) universalSSLSettings, err := client.SSL.Universal.Settings.Get(context.TODO(), ssl.UniversalSettingGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", universalSSLSettings.Enabled) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Edit Universal SSL Settings `client.SSL.Universal.Settings.Edit(ctx, params) (*UniversalSSLSettings, error)` **patch** `/zones/{zone_id}/ssl/universal/settings` Patch Universal SSL Settings for a Zone. ### Parameters - `params UniversalSettingEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `UniversalSSLSettings param.Field[UniversalSSLSettings]` Body param ### Returns - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) universalSSLSettings, err := client.SSL.Universal.Settings.Edit(context.TODO(), ssl.UniversalSettingEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), UniversalSSLSettings: ssl.UniversalSSLSettingsParam{ }, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", universalSSLSettings.Enabled) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Domain Types ### Universal SSL Settings - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. # Verification ## SSL Verification Details `client.SSL.Verification.Get(ctx, params) (*[]Verification, error)` **get** `/zones/{zone_id}/ssl/verification` Get SSL Verification Info for a Zone. ### Parameters - `params VerificationGetParams` - `ZoneID param.Field[string]` Path param: Identifier. - `Retry param.Field[VerificationGetParamsRetry]` Query param: Immediately retry SSL Verification. - `const VerificationGetParamsRetryTrue VerificationGetParamsRetry = true` ### Returns - `type VerificationGetResponseEnvelopeResult []Verification` - `CertificateStatus VerificationCertificateStatus` Current status of certificate. - `const VerificationCertificateStatusInitializing VerificationCertificateStatus = "initializing"` - `const VerificationCertificateStatusAuthorizing VerificationCertificateStatus = "authorizing"` - `const VerificationCertificateStatusActive VerificationCertificateStatus = "active"` - `const VerificationCertificateStatusExpired VerificationCertificateStatus = "expired"` - `const VerificationCertificateStatusIssuing VerificationCertificateStatus = "issuing"` - `const VerificationCertificateStatusTimingOut VerificationCertificateStatus = "timing_out"` - `const VerificationCertificateStatusPendingDeployment VerificationCertificateStatus = "pending_deployment"` - `BrandCheck bool` Certificate Authority is manually reviewing the order. - `CERTPackUUID string` Certificate Pack UUID. - `Signature VerificationSignature` Certificate's signature algorithm. - `const VerificationSignatureEcdsaWithSha256 VerificationSignature = "ECDSAWithSHA256"` - `const VerificationSignatureSha1WithRSA VerificationSignature = "SHA1WithRSA"` - `const VerificationSignatureSha256WithRSA VerificationSignature = "SHA256WithRSA"` - `ValidationMethod ValidationMethod` Validation method in use for a certificate pack order. - `const ValidationMethodHTTP ValidationMethod = "http"` - `const ValidationMethodCNAME ValidationMethod = "cname"` - `const ValidationMethodTXT ValidationMethod = "txt"` - `VerificationInfo VerificationVerificationInfo` Certificate's required verification information. - `RecordName VerificationVerificationInfoRecordName` Name of CNAME record. - `const VerificationVerificationInfoRecordNameRecordName VerificationVerificationInfoRecordName = "record_name"` - `const VerificationVerificationInfoRecordNameHTTPURL VerificationVerificationInfoRecordName = "http_url"` - `const VerificationVerificationInfoRecordNameCNAME VerificationVerificationInfoRecordName = "cname"` - `const VerificationVerificationInfoRecordNameTXTName VerificationVerificationInfoRecordName = "txt_name"` - `RecordTarget VerificationVerificationInfoRecordTarget` Target of CNAME record. - `const VerificationVerificationInfoRecordTargetRecordValue VerificationVerificationInfoRecordTarget = "record_value"` - `const VerificationVerificationInfoRecordTargetHTTPBody VerificationVerificationInfoRecordTarget = "http_body"` - `const VerificationVerificationInfoRecordTargetCNAMETarget VerificationVerificationInfoRecordTarget = "cname_target"` - `const VerificationVerificationInfoRecordTargetTXTValue VerificationVerificationInfoRecordTarget = "txt_value"` - `VerificationStatus bool` Status of the required verification information, omitted if verification status is unknown. - `VerificationType VerificationVerificationType` Method of verification. - `const VerificationVerificationTypeCNAME VerificationVerificationType = "cname"` - `const VerificationVerificationTypeMetaTag VerificationVerificationType = "meta tag"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) verifications, err := client.SSL.Verification.Get(context.TODO(), ssl.VerificationGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", verifications) } ``` #### Response ```json { "result": [ { "certificate_status": "active", "brand_check": false, "cert_pack_uuid": "a77f8bd7-3b47-46b4-a6f1-75cf98109948", "signature": "ECDSAWithSHA256", "validation_method": "txt", "verification_info": { "record_name": "record_name", "record_target": "record_value" }, "verification_status": true, "verification_type": "cname" } ] } ``` ## Edit SSL Certificate Pack Validation Method `client.SSL.Verification.Edit(ctx, certificatePackID, params) (*VerificationEditResponse, error)` **patch** `/zones/{zone_id}/ssl/verification/{certificate_pack_id}` Edit SSL validation method for a certificate pack. A PATCH request will request an immediate validation check on any certificate, and return the updated status. If a validation method is provided, the validation will be immediately attempted using that method. ### Parameters - `certificatePackID string` Certificate Pack UUID. - `params VerificationEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `ValidationMethod param.Field[VerificationEditParamsValidationMethod]` Body param: Desired validation method. - `const VerificationEditParamsValidationMethodHTTP VerificationEditParamsValidationMethod = "http"` - `const VerificationEditParamsValidationMethodCNAME VerificationEditParamsValidationMethod = "cname"` - `const VerificationEditParamsValidationMethodTXT VerificationEditParamsValidationMethod = "txt"` - `const VerificationEditParamsValidationMethodEmail VerificationEditParamsValidationMethod = "email"` ### Returns - `type VerificationEditResponse struct{…}` - `Status string` Result status. - `ValidationMethod VerificationEditResponseValidationMethod` Desired validation method. - `const VerificationEditResponseValidationMethodHTTP VerificationEditResponseValidationMethod = "http"` - `const VerificationEditResponseValidationMethodCNAME VerificationEditResponseValidationMethod = "cname"` - `const VerificationEditResponseValidationMethodTXT VerificationEditResponseValidationMethod = "txt"` - `const VerificationEditResponseValidationMethodEmail VerificationEditResponseValidationMethod = "email"` ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) response, err := client.SSL.Verification.Edit( context.TODO(), "a77f8bd7-3b47-46b4-a6f1-75cf98109948", ssl.VerificationEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), ValidationMethod: cloudflare.F(ssl.VerificationEditParamsValidationMethodTXT), }, ) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", response.ValidationMethod) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "status": "pending_validation", "validation_method": "txt" } } ``` ## Domain Types ### Verification - `type Verification struct{…}` - `CertificateStatus VerificationCertificateStatus` Current status of certificate. - `const VerificationCertificateStatusInitializing VerificationCertificateStatus = "initializing"` - `const VerificationCertificateStatusAuthorizing VerificationCertificateStatus = "authorizing"` - `const VerificationCertificateStatusActive VerificationCertificateStatus = "active"` - `const VerificationCertificateStatusExpired VerificationCertificateStatus = "expired"` - `const VerificationCertificateStatusIssuing VerificationCertificateStatus = "issuing"` - `const VerificationCertificateStatusTimingOut VerificationCertificateStatus = "timing_out"` - `const VerificationCertificateStatusPendingDeployment VerificationCertificateStatus = "pending_deployment"` - `BrandCheck bool` Certificate Authority is manually reviewing the order. - `CERTPackUUID string` Certificate Pack UUID. - `Signature VerificationSignature` Certificate's signature algorithm. - `const VerificationSignatureEcdsaWithSha256 VerificationSignature = "ECDSAWithSHA256"` - `const VerificationSignatureSha1WithRSA VerificationSignature = "SHA1WithRSA"` - `const VerificationSignatureSha256WithRSA VerificationSignature = "SHA256WithRSA"` - `ValidationMethod ValidationMethod` Validation method in use for a certificate pack order. - `const ValidationMethodHTTP ValidationMethod = "http"` - `const ValidationMethodCNAME ValidationMethod = "cname"` - `const ValidationMethodTXT ValidationMethod = "txt"` - `VerificationInfo VerificationVerificationInfo` Certificate's required verification information. - `RecordName VerificationVerificationInfoRecordName` Name of CNAME record. - `const VerificationVerificationInfoRecordNameRecordName VerificationVerificationInfoRecordName = "record_name"` - `const VerificationVerificationInfoRecordNameHTTPURL VerificationVerificationInfoRecordName = "http_url"` - `const VerificationVerificationInfoRecordNameCNAME VerificationVerificationInfoRecordName = "cname"` - `const VerificationVerificationInfoRecordNameTXTName VerificationVerificationInfoRecordName = "txt_name"` - `RecordTarget VerificationVerificationInfoRecordTarget` Target of CNAME record. - `const VerificationVerificationInfoRecordTargetRecordValue VerificationVerificationInfoRecordTarget = "record_value"` - `const VerificationVerificationInfoRecordTargetHTTPBody VerificationVerificationInfoRecordTarget = "http_body"` - `const VerificationVerificationInfoRecordTargetCNAMETarget VerificationVerificationInfoRecordTarget = "cname_target"` - `const VerificationVerificationInfoRecordTargetTXTValue VerificationVerificationInfoRecordTarget = "txt_value"` - `VerificationStatus bool` Status of the required verification information, omitted if verification status is unknown. - `VerificationType VerificationVerificationType` Method of verification. - `const VerificationVerificationTypeCNAME VerificationVerificationType = "cname"` - `const VerificationVerificationTypeMetaTag VerificationVerificationType = "meta tag"`