# Universal # Settings ## Universal SSL Settings Details `client.SSL.Universal.Settings.Get(ctx, query) (*UniversalSSLSettings, error)` **get** `/zones/{zone_id}/ssl/universal/settings` Get Universal SSL Settings for a Zone. ### Parameters - `query UniversalSettingGetParams` - `ZoneID param.Field[string]` Identifier. ### Returns - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) universalSSLSettings, err := client.SSL.Universal.Settings.Get(context.TODO(), ssl.UniversalSettingGetParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", universalSSLSettings.Enabled) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Edit Universal SSL Settings `client.SSL.Universal.Settings.Edit(ctx, params) (*UniversalSSLSettings, error)` **patch** `/zones/{zone_id}/ssl/universal/settings` Patch Universal SSL Settings for a Zone. ### Parameters - `params UniversalSettingEditParams` - `ZoneID param.Field[string]` Path param: Identifier. - `UniversalSSLSettings param.Field[UniversalSSLSettings]` Body param ### Returns - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```go package main import ( "context" "fmt" "github.com/cloudflare/cloudflare-go" "github.com/cloudflare/cloudflare-go/option" "github.com/cloudflare/cloudflare-go/ssl" ) func main() { client := cloudflare.NewClient( option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"), ) universalSSLSettings, err := client.SSL.Universal.Settings.Edit(context.TODO(), ssl.UniversalSettingEditParams{ ZoneID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"), UniversalSSLSettings: ssl.UniversalSSLSettingsParam{ }, }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", universalSSLSettings.Enabled) } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Domain Types ### Universal SSL Settings - `type UniversalSSLSettings struct{…}` - `Enabled bool` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain.