Skip to content
Cloudflare API
Start here
API Reference
SSL
Auto Origin TLS Kex

Patch Auto-Origin TLS KEX enrollment status for the given zone

client.SSL.AutoOriginTLSKex.Edit(ctx, params) (*AutoOriginTLSKexEditResponse, error)
PATCH/zones/{zone_id}/settings/auto_origin_tls_kex

Enable or disable Auto-Origin TLS KEX selection for the zone by sending {"enabled": true} or {"enabled": false}. When enabled, Cloudflare runs a periodic scan of the zone’s origins to determine the preferred key-exchange algorithm and writes that preference to the edge so it is sent first in the TLS ClientHello to the origin.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
ParametersExpand Collapse
params AutoOriginTLSKexEditParams
ZoneID param.Field[string]

Path param

maxLength32
Enabled param.Field[bool]

Body param: Controls enablement of Auto-Origin TLS KEX selection for the zone.

ReturnsExpand Collapse
type AutoOriginTLSKexEditResponse struct{…}
ID string
Enabled bool

Whether Auto-Origin TLS KEX selection is enabled for the zone.

ModifiedOn Time

Last time this setting was modified.

formatdate-time

Patch Auto-Origin TLS KEX enrollment status for the given zone

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/ssl"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  response, err := client.SSL.AutoOriginTLSKex.Edit(context.TODO(), ssl.AutoOriginTLSKexEditParams{
    ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    Enabled: cloudflare.F(true),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", response.ID)
}

{
  "errors": [],
  "messages": [],
  "result": {
    "enabled": false,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
{
  "errors": [],
  "messages": [],
  "result": {
    "enabled": true,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
{
  "errors": [
    {
      "code": 1009,
      "message": "Missing field 'enabled' in JSON body"
    }
  ],
  "messages": [],
  "result": {
    "enabled": false,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": false
}
Returns Examples
{
  "errors": [],
  "messages": [],
  "result": {
    "enabled": false,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
{
  "errors": [],
  "messages": [],
  "result": {
    "enabled": true,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": true
}
{
  "errors": [
    {
      "code": 1009,
      "message": "Missing field 'enabled' in JSON body"
    }
  ],
  "messages": [],
  "result": {
    "enabled": false,
    "id": "auto_origin_tls_kex",
    "modified_on": "2014-01-01T05:20:00.12345Z"
  },
  "success": false
}