# ACM # Total TLS ## Total TLS Settings Details `client.acm.totalTLS.get(TotalTLSGetParamsparams, RequestOptionsoptions?): TotalTLSGetResponse` **get** `/zones/{zone_id}/acm/total_tls` Get Total TLS Settings for a Zone. ### Parameters - `params: TotalTLSGetParams` - `zone_id: string` Identifier. ### Returns - `TotalTLSGetResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const totalTLS = await client.acm.totalTLS.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }); console.log(totalTLS.validity_period); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Enable or Disable Total TLS `client.acm.totalTLS.update(TotalTLSUpdateParamsparams, RequestOptionsoptions?): TotalTLSUpdateResponse` **post** `/zones/{zone_id}/acm/total_tls` Set Total TLS Settings or disable the feature for a Zone. ### Parameters - `params: TotalTLSUpdateParams` - `zone_id: string` Path param: Identifier. - `enabled: boolean` Body param: If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `certificate_authority?: CertificateAuthority` Body param: The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` ### Returns - `TotalTLSUpdateResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const totalTLS = await client.acm.totalTLS.update({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', enabled: true, }); console.log(totalTLS.validity_period); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Enable or Disable Total TLS `client.acm.totalTLS.edit(TotalTLSEditParamsparams, RequestOptionsoptions?): TotalTLSEditResponse` **post** `/zones/{zone_id}/acm/total_tls` Set Total TLS Settings or disable the feature for a Zone. ### Parameters - `params: TotalTLSEditParams` - `zone_id: string` Path param: Identifier. - `enabled: boolean` Body param: If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `certificate_authority?: CertificateAuthority` Body param: The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` ### Returns - `TotalTLSEditResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.acm.totalTLS.edit({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', enabled: true, }); console.log(response.validity_period); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "certificate_authority": "google", "enabled": true, "validity_period": 90 } } ``` ## Domain Types ### Certificate Authority - `CertificateAuthority = "google" | "lets_encrypt" | "ssl_com"` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` ### Total TLS Get Response - `TotalTLSGetResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` ### Total TLS Update Response - `TotalTLSUpdateResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` ### Total TLS Edit Response - `TotalTLSEditResponse` - `certificate_authority?: CertificateAuthority` The Certificate Authority that Total TLS certificates will be issued through. - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `enabled?: boolean` If enabled, Total TLS will order a hostname specific TLS certificate for any proxied A, AAAA, or CNAME record in your zone. - `validity_period?: 90` The validity period in days for the certificates ordered via Total TLS. - `90` # Custom Trust Store ## List Custom Origin Trust Store Details `client.acm.customTrustStore.list(CustomTrustStoreListParamsparams, RequestOptionsoptions?): V4PagePaginationArray` **get** `/zones/{zone_id}/acm/custom_trust_store` Get Custom Origin Trust Store for a Zone. ### Parameters - `params: CustomTrustStoreListParams` - `zone_id: string` Path param: Identifier. - `limit?: number` Query param: Limit to the number of records returned. - `offset?: number` Query param: Offset the results - `page?: number` Query param: Page number of paginated results. - `per_page?: number` Query param: Number of records per page. ### Returns - `CustomTrustStore` - `id: string` Identifier. - `certificate: string` The zone's SSL certificate or certificate and the intermediate(s). - `expires_on: string` When the certificate expires. - `issuer: string` The certificate authority that issued the certificate. - `signature: string` The type of hash used for the certificate. - `status: "initializing" | "pending_deployment" | "active" | 3 more` Status of the zone's custom SSL. - `"initializing"` - `"pending_deployment"` - `"active"` - `"pending_deletion"` - `"deleted"` - `"expired"` - `updated_at: string` When the certificate was last modified. - `uploaded_on: string` When the certificate was uploaded to Cloudflare. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const customTrustStore of client.acm.customTrustStore.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(customTrustStore.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Upload Custom Origin Trust Store `client.acm.customTrustStore.create(CustomTrustStoreCreateParamsparams, RequestOptionsoptions?): CustomTrustStore` **post** `/zones/{zone_id}/acm/custom_trust_store` Add Custom Origin Trust Store for a Zone. ### Parameters - `params: CustomTrustStoreCreateParams` - `zone_id: string` Path param: Identifier. - `certificate: string` Body param: The zone's SSL certificate or certificate and the intermediate(s). ### Returns - `CustomTrustStore` - `id: string` Identifier. - `certificate: string` The zone's SSL certificate or certificate and the intermediate(s). - `expires_on: string` When the certificate expires. - `issuer: string` The certificate authority that issued the certificate. - `signature: string` The type of hash used for the certificate. - `status: "initializing" | "pending_deployment" | "active" | 3 more` Status of the zone's custom SSL. - `"initializing"` - `"pending_deployment"` - `"active"` - `"pending_deletion"` - `"deleted"` - `"expired"` - `updated_at: string` When the certificate was last modified. - `uploaded_on: string` When the certificate was uploaded to Cloudflare. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const customTrustStore = await client.acm.customTrustStore.create({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', certificate: '-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n', }); console.log(customTrustStore.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } } ``` ## Custom Origin Trust Store Details `client.acm.customTrustStore.get(stringcustomOriginTrustStoreId, CustomTrustStoreGetParamsparams, RequestOptionsoptions?): CustomTrustStore` **get** `/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}` Retrieves details about a specific certificate in the custom origin trust store, including expiration and subject information. ### Parameters - `customOriginTrustStoreId: string` Identifier. - `params: CustomTrustStoreGetParams` - `zone_id: string` Identifier. ### Returns - `CustomTrustStore` - `id: string` Identifier. - `certificate: string` The zone's SSL certificate or certificate and the intermediate(s). - `expires_on: string` When the certificate expires. - `issuer: string` The certificate authority that issued the certificate. - `signature: string` The type of hash used for the certificate. - `status: "initializing" | "pending_deployment" | "active" | 3 more` Status of the zone's custom SSL. - `"initializing"` - `"pending_deployment"` - `"active"` - `"pending_deletion"` - `"deleted"` - `"expired"` - `updated_at: string` When the certificate was last modified. - `uploaded_on: string` When the certificate was uploaded to Cloudflare. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const customTrustStore = await client.acm.customTrustStore.get('023e105f4ecef8ad9ca31a8372d0c353', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(customTrustStore.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificate": "-----BEGIN CERTIFICATE-----\nMIIDdjCCAl6gAwIBAgIJAPnMg0Fs+/B0MA0GCSqGSIb3DQEBCwUAMFsx...\n-----END CERTIFICATE-----\n", "expires_on": "2122-10-29T16:59:47Z", "issuer": "GlobalSign", "signature": "SHA256WithRSA", "status": "active", "updated_at": "2014-01-01T05:20:00Z", "uploaded_on": "2014-01-01T05:20:00Z" } } ``` ## Delete Custom Origin Trust Store `client.acm.customTrustStore.delete(stringcustomOriginTrustStoreId, CustomTrustStoreDeleteParamsparams, RequestOptionsoptions?): CustomTrustStoreDeleteResponse` **delete** `/zones/{zone_id}/acm/custom_trust_store/{custom_origin_trust_store_id}` Removes a CA certificate from the custom origin trust store. Origins using certificates signed by this CA will no longer be trusted. ### Parameters - `customOriginTrustStoreId: string` Identifier. - `params: CustomTrustStoreDeleteParams` - `zone_id: string` Identifier. ### Returns - `CustomTrustStoreDeleteResponse` - `id?: string` Identifier. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const customTrustStore = await client.acm.customTrustStore.delete( '023e105f4ecef8ad9ca31a8372d0c353', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }, ); console.log(customTrustStore.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Domain Types ### Custom Trust Store - `CustomTrustStore` - `id: string` Identifier. - `certificate: string` The zone's SSL certificate or certificate and the intermediate(s). - `expires_on: string` When the certificate expires. - `issuer: string` The certificate authority that issued the certificate. - `signature: string` The type of hash used for the certificate. - `status: "initializing" | "pending_deployment" | "active" | 3 more` Status of the zone's custom SSL. - `"initializing"` - `"pending_deployment"` - `"active"` - `"pending_deletion"` - `"deleted"` - `"expired"` - `updated_at: string` When the certificate was last modified. - `uploaded_on: string` When the certificate was uploaded to Cloudflare. ### Custom Trust Store Delete Response - `CustomTrustStoreDeleteResponse` - `id?: string` Identifier.