API Reference

Keyless Certificates

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Edit Keyless SSL Configuration

client.keylessCertificates.edit(stringkeylessCertificateId, KeylessCertificateEditParams { zone_id, enabled, host, 3 more } params, RequestOptionsoptions?): KeylessCertificate { id, created_on, enabled, 7 more }

PATCH/zones/{zone_id}/keyless_certificates/{keyless_certificate_id}

This will update attributes of a Keyless SSL. Consists of one or more of the following: host,name,port.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

SSL and Certificates Write

ParametersExpand Collapse

keylessCertificateId: string

Identifier.

maxLength32

params: KeylessCertificateEditParams { zone_id, enabled, host, 3 more }

zone_id: string

Path param: Identifier.

maxLength32

Deprecatedenabled?: boolean

Body param: Whether or not the Keyless SSL is on or off.

host?: string

Body param: The keyless SSL name.

formathostname

maxLength253

name?: string

Body param: The keyless SSL name.

maxLength180

port?: number

Body param: The keyless SSL port used to communicate between Cloudflare and the client’s Keyless SSL server.

maxLength65535

tunnel?: Tunnel { private_ip, vnet_id }

Body param: Configuration for using Keyless SSL through a Cloudflare Tunnel

private_ip: string

Private IP of the Key Server Host

vnet_id: string

Cloudflare Tunnel Virtual Network ID

ReturnsExpand Collapse

KeylessCertificate { id, created_on, enabled, 7 more }

id: string

Keyless certificate identifier tag.

maxLength32

created_on: string

When the Keyless SSL was created.

formatdate-time

enabled: boolean

Whether or not the Keyless SSL is on or off.

host: string

The keyless SSL name.

formathostname

maxLength253

modified_on: string

When the Keyless SSL was last modified.

formatdate-time

name: string

The keyless SSL name.

maxLength180

permissions: Array<string>

Available permissions for the Keyless SSL for the current user requesting the item.

port: number

The keyless SSL port used to communicate between Cloudflare and the client’s Keyless SSL server.

maxLength65535

status: "active" | "deleted"

Status of the Keyless SSL.

One of the following:

"active"

"deleted"

tunnel?: Tunnel { private_ip, vnet_id }

Configuration for using Keyless SSL through a Cloudflare Tunnel

private_ip: string

Private IP of the Key Server Host

vnet_id: string

Cloudflare Tunnel Virtual Network ID

Edit Keyless SSL Configuration

TypeScript

HTTP

TypeScript

Python

Go

Terraform

import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

const keylessCertificate = await client.keylessCertificates.edit(
  '023e105f4ecef8ad9ca31a8372d0c353',
  { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
);

console.log(keylessCertificate.id);

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}