# SSL # Analyze ## Analyze Certificate `client.ssl.analyze.create(AnalyzeCreateParamsparams, RequestOptionsoptions?): AnalyzeCreateResponse` **post** `/zones/{zone_id}/ssl/analyze` Returns the set of hostnames, the signature algorithm, and the expiration date of the certificate. ### Parameters - `params: AnalyzeCreateParams` - `zone_id: string` Path param: Identifier. - `bundle_method?: BundleMethod` Body param: A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. - `"ubiquitous"` - `"optimal"` - `"force"` - `certificate?: string` Body param: The zone's SSL certificate or certificate and the intermediate(s). ### Returns - `AnalyzeCreateResponse = unknown` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const analyze = await client.ssl.analyze.create({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }); console.log(analyze); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": {} } ``` ## Domain Types ### Analyze Create Response - `AnalyzeCreateResponse = unknown` # Certificate Packs ## List Certificate Packs `client.ssl.certificatePacks.list(CertificatePackListParamsparams, RequestOptionsoptions?): V4PagePaginationArray` **get** `/zones/{zone_id}/ssl/certificate_packs` For a given zone, list all active certificate packs. ### Parameters - `params: CertificatePackListParams` - `zone_id: string` Path param: Identifier. - `deploy?: "staging" | "production"` Query param: Specify the deployment environment for the certificate packs. - `"staging"` - `"production"` - `page?: number` Query param: Page number of paginated results. - `per_page?: number` Query param: Number of certificate packs per page. - `status?: "all"` Query param: Include Certificate Packs of all statuses, not just active ones. - `"all"` ### Returns - `CertificatePackListResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const certificatePackListResponse of client.ssl.certificatePacks.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(certificatePackListResponse.id); } ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Get Certificate Pack `client.ssl.certificatePacks.get(stringcertificatePackId, CertificatePackGetParamsparams, RequestOptionsoptions?): CertificatePackGetResponse` **get** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, get a certificate pack. ### Parameters - `certificatePackId: string` Identifier. - `params: CertificatePackGetParams` - `zone_id: string` Identifier. ### Returns - `CertificatePackGetResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const certificatePack = await client.ssl.certificatePacks.get('023e105f4ecef8ad9ca31a8372d0c353', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(certificatePack.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Order Advanced Certificate Manager Certificate Pack `client.ssl.certificatePacks.create(CertificatePackCreateParamsparams, RequestOptionsoptions?): CertificatePackCreateResponse` **post** `/zones/{zone_id}/ssl/certificate_packs/order` For a given zone, order an advanced certificate pack. ### Parameters - `params: CertificatePackCreateParams` - `zone_id: string` Path param: Identifier. - `certificate_authority: "google" | "lets_encrypt" | "ssl_com"` Body param: Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `hosts: Array` Body param: Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `type: "advanced"` Body param: Type of certificate pack. - `"advanced"` - `validation_method: "txt" | "http" | "email"` Body param: Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validity_days: 14 | 30 | 90 | 365` Body param: Validity Days selected for the order. - `14` - `30` - `90` - `365` - `cloudflare_branding?: boolean` Body param: Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. ### Returns - `CertificatePackCreateResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const certificatePack = await client.ssl.certificatePacks.create({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', certificate_authority: 'lets_encrypt', hosts: ['example.com', '*.example.com', 'www.example.com'], type: 'advanced', validation_method: 'txt', validity_days: 14, }); console.log(certificatePack.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Restart Validation or Update Advanced Certificate Manager Certificate Pack `client.ssl.certificatePacks.edit(stringcertificatePackId, CertificatePackEditParamsparams, RequestOptionsoptions?): CertificatePackEditResponse` **patch** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, restart validation or add cloudflare branding for an advanced certificate pack. The former is only a validation operation for a Certificate Pack in a validation_timed_out status. ### Parameters - `certificatePackId: string` Identifier. - `params: CertificatePackEditParams` - `zone_id: string` Path param: Identifier. - `cloudflare_branding?: boolean` Body param: Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. ### Returns - `CertificatePackEditResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.ssl.certificatePacks.edit('023e105f4ecef8ad9ca31a8372d0c353', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(response.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353", "certificates": [ { "id": "7e7b8deba8538af625850b7b2530034c", "hosts": [ "example.com", "*.example.com" ], "status": "active", "bundle_method": "ubiquitous", "expires_on": "2024-01-01T00:00:00Z", "geo_restrictions": { "label": "us" }, "issuer": "Let's Encrypt", "modified_on": "2014-01-01T05:20:00Z", "priority": 0, "signature": "ECDSAWithSHA256", "uploaded_on": "2014-01-01T05:20:00Z", "zone_id": "023e105f4ecef8ad9ca31a8372d0c353" } ], "hosts": [ "example.com", "*.example.com", "www.example.com" ], "status": "initializing", "type": "universal", "certificate_authority": "lets_encrypt", "cloudflare_branding": false, "dcv_delegation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "primary_certificate": "7e7b8deba8538af625850b7b2530034c", "validation_errors": [ { "message": "SERVFAIL looking up CAA for app.example.com" } ], "validation_method": "txt", "validation_records": [ { "cname": "_acme-challenge.example.com", "cname_target": "dcv.cloudflare.com", "emails": [ "administrator@example.com", "webmaster@example.com" ], "http_body": "ca3-574923932a82475cb8592200f1a2a23d", "http_url": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt", "status": "pending", "txt_name": "_acme-challenge.app.example.com", "txt_value": "810b7d5f01154524b961ba0cd578acc2" } ], "validity_days": 14 } } ``` ## Delete Advanced Certificate Manager Certificate Pack `client.ssl.certificatePacks.delete(stringcertificatePackId, CertificatePackDeleteParamsparams, RequestOptionsoptions?): CertificatePackDeleteResponse` **delete** `/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}` For a given zone, delete an advanced certificate pack. ### Parameters - `certificatePackId: string` Identifier. - `params: CertificatePackDeleteParams` - `zone_id: string` Identifier. ### Returns - `CertificatePackDeleteResponse` - `id?: string` Identifier. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const certificatePack = await client.ssl.certificatePacks.delete( '023e105f4ecef8ad9ca31a8372d0c353', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' }, ); console.log(certificatePack.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "id": "023e105f4ecef8ad9ca31a8372d0c353" } } ``` ## Domain Types ### Host - `Host = string` ### Request Validity - `RequestValidity = 7 | 30 | 90 | 4 more` The number of days for which the certificate should be valid. - `7` - `30` - `90` - `365` - `730` - `1095` - `5475` ### Status - `Status = "initializing" | "pending_validation" | "deleted" | 18 more` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` ### Validation Method - `ValidationMethod = "http" | "cname" | "txt"` Validation method in use for a certificate pack order. - `"http"` - `"cname"` - `"txt"` ### Certificate Pack List Response - `CertificatePackListResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Certificate Pack Get Response - `CertificatePackGetResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Certificate Pack Create Response - `CertificatePackCreateResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Certificate Pack Edit Response - `CertificatePackEditResponse` A certificate pack with all its properties. - `id: string` Identifier. - `certificates: Array` Array of certificates in this pack. - `id: string` Certificate identifier. - `hosts: Array` Hostnames covered by this certificate. - `status: string` Certificate status. - `bundle_method?: string` Certificate bundle method. - `expires_on?: string` When the certificate from the authority expires. - `geo_restrictions?: GeoRestrictions` Specify the region where your private key can be held locally. - `label?: "us" | "eu" | "highest_security"` - `"us"` - `"eu"` - `"highest_security"` - `issuer?: string` The certificate authority that issued the certificate. - `modified_on?: string` When the certificate was last modified. - `priority?: number` The order/priority in which the certificate will be used. - `signature?: string` The type of hash used for the certificate. - `uploaded_on?: string` When the certificate was uploaded to Cloudflare. - `zone_id?: string` Identifier. - `hosts: Array` Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty. - `status: Status` Status of certificate pack. - `"initializing"` - `"pending_validation"` - `"deleted"` - `"pending_issuance"` - `"pending_deployment"` - `"pending_deletion"` - `"pending_expiration"` - `"expired"` - `"active"` - `"initializing_timed_out"` - `"validation_timed_out"` - `"issuance_timed_out"` - `"deployment_timed_out"` - `"deletion_timed_out"` - `"pending_cleanup"` - `"staging_deployment"` - `"staging_active"` - `"deactivating"` - `"inactive"` - `"backup_issued"` - `"holding_deployment"` - `type: "mh_custom" | "managed_hostname" | "sni_custom" | 5 more` Type of certificate pack. - `"mh_custom"` - `"managed_hostname"` - `"sni_custom"` - `"universal"` - `"advanced"` - `"total_tls"` - `"keyless"` - `"legacy_custom"` - `certificate_authority?: "google" | "lets_encrypt" | "ssl_com"` Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions [see this page for more details.](https://developers.cloudflare.com/ssl/reference/certificate-authorities) - `"google"` - `"lets_encrypt"` - `"ssl_com"` - `cloudflare_branding?: boolean` Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true. - `dcv_delegation_records?: Array` DCV Delegation records for domain validation. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `primary_certificate?: string` Identifier of the primary certificate in a pack. - `validation_errors?: Array` Domain validation errors that have been received by the certificate authority (CA). - `message?: string` A domain validation error. - `validation_method?: "txt" | "http" | "email"` Validation Method selected for the order. - `"txt"` - `"http"` - `"email"` - `validation_records?: Array` Certificates' validation records. - `cname?: string` The CNAME record hostname for DCV delegation. - `cname_target?: string` The CNAME record target value for DCV delegation. - `emails?: Array` The set of email addresses that the certificate authority (CA) will use to complete domain validation. - `http_body?: string` The content that the certificate authority (CA) will expect to find at the http_url during the domain validation. - `http_url?: string` The url that will be checked during domain validation. - `status?: string` Status of the validation record. - `txt_name?: string` The hostname that the certificate authority (CA) will check for a TXT record during domain validation . - `txt_value?: string` The TXT record that the certificate authority (CA) will check during domain validation. - `validity_days?: 14 | 30 | 90 | 365` Validity Days selected for the order. - `14` - `30` - `90` - `365` ### Certificate Pack Delete Response - `CertificatePackDeleteResponse` - `id?: string` Identifier. # Quota ## Get Certificate Pack Quotas `client.ssl.certificatePacks.quota.get(QuotaGetParamsparams, RequestOptionsoptions?): QuotaGetResponse` **get** `/zones/{zone_id}/ssl/certificate_packs/quota` For a given zone, list certificate pack quotas. ### Parameters - `params: QuotaGetParams` - `zone_id: string` Identifier. ### Returns - `QuotaGetResponse` - `advanced?: Advanced` - `allocated?: number` Quantity Allocated. - `used?: number` Quantity Used. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const quota = await client.ssl.certificatePacks.quota.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(quota.advanced); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "advanced": { "allocated": 0, "used": 0 } } } ``` ## Domain Types ### Quota Get Response - `QuotaGetResponse` - `advanced?: Advanced` - `allocated?: number` Quantity Allocated. - `used?: number` Quantity Used. # Recommendations ## SSL/TLS Recommendation `client.ssl.recommendations.get(RecommendationGetParamsparams, RequestOptionsoptions?): RecommendationGetResponse` **get** `/zones/{zone_id}/ssl/recommendation` Retrieve the SSL/TLS Recommender's recommendation for a zone. ### Parameters - `params: RecommendationGetParams` - `zone_id: string` ### Returns - `RecommendationGetResponse` - `id: string` - `editable: boolean` Whether this setting can be updated or not. - `modified_on: string` Last time this setting was modified. - `value: "auto" | "custom"` Current setting of the automatic SSL/TLS. - `"auto"` - `"custom"` - `next_scheduled_scan?: string | null` Next time this zone will be scanned by the Automatic SSL/TLS. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const recommendation = await client.ssl.recommendations.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(recommendation.id); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "id": "ssl_automatic_mode", "editable": true, "modified_on": "2014-01-01T05:20:00.12345Z", "value": "auto", "next_scheduled_scan": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` ## Domain Types ### Recommendation Get Response - `RecommendationGetResponse` - `id: string` - `editable: boolean` Whether this setting can be updated or not. - `modified_on: string` Last time this setting was modified. - `value: "auto" | "custom"` Current setting of the automatic SSL/TLS. - `"auto"` - `"custom"` - `next_scheduled_scan?: string | null` Next time this zone will be scanned by the Automatic SSL/TLS. # Automatic Upgrader # Universal # Settings ## Universal SSL Settings Details `client.ssl.universal.settings.get(SettingGetParamsparams, RequestOptionsoptions?): UniversalSSLSettings` **get** `/zones/{zone_id}/ssl/universal/settings` Get Universal SSL Settings for a Zone. ### Parameters - `params: SettingGetParams` - `zone_id: string` Identifier. ### Returns - `UniversalSSLSettings` - `enabled?: boolean` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const universalSSLSettings = await client.ssl.universal.settings.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(universalSSLSettings.enabled); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Edit Universal SSL Settings `client.ssl.universal.settings.edit(SettingEditParamsparams, RequestOptionsoptions?): UniversalSSLSettings` **patch** `/zones/{zone_id}/ssl/universal/settings` Patch Universal SSL Settings for a Zone. ### Parameters - `params: SettingEditParams` - `zone_id: string` Path param: Identifier. - `enabled?: boolean` Body param: Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Returns - `UniversalSSLSettings` - `enabled?: boolean` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const universalSSLSettings = await client.ssl.universal.settings.edit({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(universalSSLSettings.enabled); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "enabled": true } } ``` ## Domain Types ### Universal SSL Settings - `UniversalSSLSettings` - `enabled?: boolean` Disabling Universal SSL removes any currently active Universal SSL certificates for your zone from the edge and prevents any future Universal SSL certificates from being ordered. If there are no advanced certificates or custom certificates uploaded for the domain, visitors will be unable to access the domain over HTTPS. By disabling Universal SSL, you understand that the following Cloudflare settings and preferences will result in visitors being unable to visit your domain unless you have uploaded a custom certificate or purchased an advanced certificate. * HSTS * Always Use HTTPS * Opportunistic Encryption * Onion Routing * Any Page Rules redirecting traffic to HTTPS Similarly, any HTTP redirect to HTTPS at the origin while the Cloudflare proxy is enabled will result in users being unable to visit your site without a valid certificate at Cloudflare's edge. If you do not have a valid custom or advanced certificate at Cloudflare's edge and are unsure if any of the above Cloudflare settings are enabled, or if any HTTP redirects exist at your origin, we advise leaving Universal SSL enabled for your domain. # Verification ## SSL Verification Details `client.ssl.verification.get(VerificationGetParamsparams, RequestOptionsoptions?): VerificationGetResponse` **get** `/zones/{zone_id}/ssl/verification` Get SSL Verification Info for a Zone. ### Parameters - `params: VerificationGetParams` - `zone_id: string` Path param: Identifier. - `retry?: true` Query param: Immediately retry SSL Verification. - `true` ### Returns - `VerificationGetResponse = Array` - `certificate_status: "initializing" | "authorizing" | "active" | 4 more` Current status of certificate. - `"initializing"` - `"authorizing"` - `"active"` - `"expired"` - `"issuing"` - `"timing_out"` - `"pending_deployment"` - `brand_check?: boolean` Certificate Authority is manually reviewing the order. - `cert_pack_uuid?: string` Certificate Pack UUID. - `signature?: "ECDSAWithSHA256" | "SHA1WithRSA" | "SHA256WithRSA"` Certificate's signature algorithm. - `"ECDSAWithSHA256"` - `"SHA1WithRSA"` - `"SHA256WithRSA"` - `validation_method?: ValidationMethod` Validation method in use for a certificate pack order. - `"http"` - `"cname"` - `"txt"` - `verification_info?: VerificationInfo` Certificate's required verification information. - `record_name?: "record_name" | "http_url" | "cname" | "txt_name"` Name of CNAME record. - `"record_name"` - `"http_url"` - `"cname"` - `"txt_name"` - `record_target?: "record_value" | "http_body" | "cname_target" | "txt_value"` Target of CNAME record. - `"record_value"` - `"http_body"` - `"cname_target"` - `"txt_value"` - `verification_status?: boolean` Status of the required verification information, omitted if verification status is unknown. - `verification_type?: "cname" | "meta tag"` Method of verification. - `"cname"` - `"meta tag"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const verifications = await client.ssl.verification.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(verifications); ``` #### Response ```json { "result": [ { "certificate_status": "active", "brand_check": false, "cert_pack_uuid": "a77f8bd7-3b47-46b4-a6f1-75cf98109948", "signature": "ECDSAWithSHA256", "validation_method": "txt", "verification_info": { "record_name": "record_name", "record_target": "record_value" }, "verification_status": true, "verification_type": "cname" } ] } ``` ## Edit SSL Certificate Pack Validation Method `client.ssl.verification.edit(stringcertificatePackId, VerificationEditParamsparams, RequestOptionsoptions?): VerificationEditResponse` **patch** `/zones/{zone_id}/ssl/verification/{certificate_pack_id}` Edit SSL validation method for a certificate pack. A PATCH request will request an immediate validation check on any certificate, and return the updated status. If a validation method is provided, the validation will be immediately attempted using that method. ### Parameters - `certificatePackId: string` Certificate Pack UUID. - `params: VerificationEditParams` - `zone_id: string` Path param: Identifier. - `validation_method: "http" | "cname" | "txt" | "email"` Body param: Desired validation method. - `"http"` - `"cname"` - `"txt"` - `"email"` ### Returns - `VerificationEditResponse` - `status?: string` Result status. - `validation_method?: "http" | "cname" | "txt" | "email"` Desired validation method. - `"http"` - `"cname"` - `"txt"` - `"email"` ### Example ```node import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const response = await client.ssl.verification.edit('a77f8bd7-3b47-46b4-a6f1-75cf98109948', { zone_id: '023e105f4ecef8ad9ca31a8372d0c353', validation_method: 'txt', }); console.log(response.validation_method); ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": { "status": "pending_validation", "validation_method": "txt" } } ``` ## Domain Types ### Verification - `Verification` - `certificate_status: "initializing" | "authorizing" | "active" | 4 more` Current status of certificate. - `"initializing"` - `"authorizing"` - `"active"` - `"expired"` - `"issuing"` - `"timing_out"` - `"pending_deployment"` - `brand_check?: boolean` Certificate Authority is manually reviewing the order. - `cert_pack_uuid?: string` Certificate Pack UUID. - `signature?: "ECDSAWithSHA256" | "SHA1WithRSA" | "SHA256WithRSA"` Certificate's signature algorithm. - `"ECDSAWithSHA256"` - `"SHA1WithRSA"` - `"SHA256WithRSA"` - `validation_method?: ValidationMethod` Validation method in use for a certificate pack order. - `"http"` - `"cname"` - `"txt"` - `verification_info?: VerificationInfo` Certificate's required verification information. - `record_name?: "record_name" | "http_url" | "cname" | "txt_name"` Name of CNAME record. - `"record_name"` - `"http_url"` - `"cname"` - `"txt_name"` - `record_target?: "record_value" | "http_body" | "cname_target" | "txt_value"` Target of CNAME record. - `"record_value"` - `"http_body"` - `"cname_target"` - `"txt_value"` - `verification_status?: boolean` Status of the required verification information, omitted if verification status is unknown. - `verification_type?: "cname" | "meta tag"` Method of verification. - `"cname"` - `"meta tag"` ### Verification Get Response - `VerificationGetResponse = Array` - `certificate_status: "initializing" | "authorizing" | "active" | 4 more` Current status of certificate. - `"initializing"` - `"authorizing"` - `"active"` - `"expired"` - `"issuing"` - `"timing_out"` - `"pending_deployment"` - `brand_check?: boolean` Certificate Authority is manually reviewing the order. - `cert_pack_uuid?: string` Certificate Pack UUID. - `signature?: "ECDSAWithSHA256" | "SHA1WithRSA" | "SHA256WithRSA"` Certificate's signature algorithm. - `"ECDSAWithSHA256"` - `"SHA1WithRSA"` - `"SHA256WithRSA"` - `validation_method?: ValidationMethod` Validation method in use for a certificate pack order. - `"http"` - `"cname"` - `"txt"` - `verification_info?: VerificationInfo` Certificate's required verification information. - `record_name?: "record_name" | "http_url" | "cname" | "txt_name"` Name of CNAME record. - `"record_name"` - `"http_url"` - `"cname"` - `"txt_name"` - `record_target?: "record_value" | "http_body" | "cname_target" | "txt_value"` Target of CNAME record. - `"record_value"` - `"http_body"` - `"cname_target"` - `"txt_value"` - `verification_status?: boolean` Status of the required verification information, omitted if verification status is unknown. - `verification_type?: "cname" | "meta tag"` Method of verification. - `"cname"` - `"meta tag"` ### Verification Edit Response - `VerificationEditResponse` - `status?: string` Result status. - `validation_method?: "http" | "cname" | "txt" | "email"` Desired validation method. - `"http"` - `"cname"` - `"txt"` - `"email"`