Skip to content
Cloudflare API
Start here
API Reference
Keyless Certificates

Get Keyless SSL Configuration

keyless_certificates.get(strkeyless_certificate_id, KeylessCertificateGetParams**kwargs) -> KeylessCertificate
GET/zones/{zone_id}/keyless_certificates/{keyless_certificate_id}

Get details for one Keyless SSL configuration.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Trust and Safety WriteTrust and Safety ReadZero Trust: PII ReadZaraz EditZaraz ReadZaraz AdminAccess: Apps and Policies RevokeAccess: Apps and Policies WriteAccess: Apps and Policies ReadAccess: Apps and Policies RevokeAccess: Mutual TLS Certificates WriteAccess: Organizations, Identity Providers, and Groups WriteZone Settings WriteZone Settings ReadZone ReadDNS ReadWorkers Scripts WriteWorkers Scripts ReadZone WriteWorkers Routes WriteWorkers Routes ReadStream WriteStream ReadSSL and Certificates WriteSSL and Certificates ReadLogs WriteLogs ReadCache PurgePage Rules WritePage Rules ReadLoad Balancers WriteLoad Balancers ReadFirewall Services WriteFirewall Services ReadDNS WriteApps WriteAnalytics ReadAccess: Apps and Policies WriteAccess: Apps and Policies Read
ParametersExpand Collapse
zone_id: str

Identifier.

maxLength32
keyless_certificate_id: str

Identifier.

maxLength32
ReturnsExpand Collapse
class KeylessCertificate:
id: str

Keyless certificate identifier tag.

maxLength32
created_on: datetime

When the Keyless SSL was created.

formatdate-time
enabled: bool

Whether or not the Keyless SSL is on or off.

host: str

The keyless SSL name.

formathostname
maxLength253
modified_on: datetime

When the Keyless SSL was last modified.

formatdate-time
name: str

The keyless SSL name.

maxLength180
permissions: List[str]

Available permissions for the Keyless SSL for the current user requesting the item.

port: float

The keyless SSL port used to communicate between Cloudflare and the client's Keyless SSL server.

maxLength65535
status: Literal["active", "deleted"]

Status of the Keyless SSL.

One of the following:
"active"
"deleted"
tunnel: Optional[Tunnel]

Configuration for using Keyless SSL through a Cloudflare Tunnel

private_ip: str

Private IP of the Key Server Host

vnet_id: str

Cloudflare Tunnel Virtual Network ID

Get Keyless SSL Configuration

import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_token=os.environ.get("CLOUDFLARE_API_TOKEN"),  # This is the default and can be omitted
)
keyless_certificate = client.keyless_certificates.get(
    keyless_certificate_id="023e105f4ecef8ad9ca31a8372d0c353",
    zone_id="023e105f4ecef8ad9ca31a8372d0c353",
)
print(keyless_certificate.id)
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "id": "4d2844d2ce78891c34d0b6c0535a291e",
    "created_on": "2014-01-01T05:20:00Z",
    "enabled": false,
    "host": "example.com",
    "modified_on": "2014-01-01T05:20:00Z",
    "name": "example.com Keyless SSL",
    "permissions": [
      "#ssl:read",
      "#ssl:edit"
    ],
    "port": 24008,
    "status": "active",
    "tunnel": {
      "private_ip": "10.0.0.1",
      "vnet_id": "7365377a-85a4-4390-9480-531ef7dc7a3c"
    }
  }
}