Skip to content
Cloudflare API
Start here
API Reference
Custom Csrs

Create Custom CSR

client.customCsrs.create(CustomCsrCreateParams { common_name, country, locality, 9 more } params, RequestOptionsoptions?): CustomCsrCreateResponse { id, created_at, key_type, 11 more }
POST/{accounts_or_zones}/{account_or_zone_id}/custom_csrs

Generate a new custom Certificate Signing Request (CSR) for an account or zone. Cloudflare generates and securely stores the private key associated with the CSR.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Account: SSL and Certificates Write
ParametersExpand Collapse
params: CustomCsrCreateParams { common_name, country, locality, 9 more }
common_name: string

Body param: The common name (domain) for the CSR. Must be at most 64 characters.

maxLength64
country: string

Body param: Two-letter ISO 3166-1 alpha-2 country code.

locality: string

Body param: City or locality name.

organization: string

Body param: Organization name.

sans: Array<string>

Body param: Subject Alternative Names for the CSR. At least one SAN is required.

state: string

Body param: State or province name.

account_id?: string

Path param: The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.

zone_id?: string

Path param: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.

description?: string

Body param: Optional description for the CSR.

key_type?: "rsa2048" | "p256v1"

Body param: Key algorithm to use for the CSR. Defaults to rsa2048 if not specified.

One of the following:
"rsa2048"
"p256v1"
name?: string

Body param: Human-readable name for the CSR.

organizational_unit?: string

Body param: Organizational unit name.

ReturnsExpand Collapse
CustomCsrCreateResponse { id, created_at, key_type, 11 more }

A custom Certificate Signing Request (CSR).

id: string

Custom CSR identifier tag.

maxLength36
created_at: string

When the CSR was created.

formatdate-time
key_type: "rsa2048" | "p256v1"

The key algorithm used to generate the CSR.

One of the following:
"rsa2048"
"p256v1"
account_tag?: string

Account identifier associated with this CSR.

common_name?: string

The common name (domain) for the CSR.

maxLength64
country?: string

Two-letter ISO 3166-1 alpha-2 country code.

csr?: string

The PEM-encoded Certificate Signing Request.

description?: string

Optional description for the CSR.

locality?: string

City or locality name.

name?: string

Human-readable name for the CSR.

organization?: string

Organization name.

organizational_unit?: string

Organizational unit name.

sans?: Array<string>

Subject Alternative Names included in the CSR.

state?: string

State or province name.

Create Custom CSR

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const customCsr = await client.customCsrs.create({
  common_name: 'example.com',
  country: 'US',
  locality: 'San Francisco',
  organization: 'Cloudflare, Inc.',
  sans: ['example.com', 'www.example.com'],
  state: 'California',
  account_id: 'account_id',
});

console.log(customCsr.id);
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
    "created_at": "2024-01-15T10:30:00Z",
    "key_type": "rsa2048",
    "account_tag": "23e087bd19bc1d40ae95b6f297263ceb",
    "common_name": "example.com",
    "country": "US",
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICYzCCAUsCAQAwHj...",
    "description": "CSR for example.com wildcard",
    "locality": "San Francisco",
    "name": "My Custom CSR",
    "organization": "Cloudflare, Inc.",
    "organizational_unit": "Engineering",
    "sans": [
      "example.com",
      "www.example.com"
    ],
    "state": "California"
  }
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
    "created_at": "2024-01-15T10:30:00Z",
    "key_type": "rsa2048",
    "account_tag": "23e087bd19bc1d40ae95b6f297263ceb",
    "common_name": "example.com",
    "country": "US",
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\nMIICYzCCAUsCAQAwHj...",
    "description": "CSR for example.com wildcard",
    "locality": "San Francisco",
    "name": "My Custom CSR",
    "organization": "Cloudflare, Inc.",
    "organizational_unit": "Engineering",
    "sans": [
      "example.com",
      "www.example.com"
    ],
    "state": "California"
  }
}