Skip to content
Cloudflare API
Start here
API Reference

Origin CA Certificates

List Certificates
origin_ca_certificates.list(OriginCACertificateListParams**kwargs) -> SyncV4PagePaginationArray[OriginCACertificate]
GET/certificates
Get Certificate
origin_ca_certificates.get(strcertificate_id) -> OriginCACertificate
GET/certificates/{certificate_id}
Create Certificate
origin_ca_certificates.create(OriginCACertificateCreateParams**kwargs) -> OriginCACertificate
POST/certificates
Revoke Certificate
origin_ca_certificates.delete(strcertificate_id) -> OriginCACertificateDeleteResponse
DELETE/certificates/{certificate_id}
ModelsExpand Collapse
class OriginCACertificate:
csr: str

The Certificate Signing Request (CSR). Must be newline-encoded.

hostnames: List[str]

Array of hostnames or wildcard names bound to the certificate. Hostnames must be fully qualified domain names (FQDNs) belonging to zones on your account (e.g., example.com or sub.example.com). Wildcards are supported only as a *. prefix for a single level (e.g., *.example.com). Double wildcards (*.*.example.com) and interior wildcards (foo.*.example.com) are not allowed. The wildcard suffix must be a multi-label domain (*.example.com is valid, but *.com is not). Unicode/IDN hostnames are accepted and automatically converted to punycode.

request_type: CertificateRequestType

Signature type desired on certificate ("origin-rsa" (rsa), "origin-ecc" (ecdsa), or "keyless-certificate" (for Keyless SSL servers).

requested_validity: RequestValidity

The number of days for which the certificate should be valid.

id: Optional[str]

Identifier.

maxLength32
certificate: Optional[str]

The Origin CA certificate. Will be newline-encoded.

expires_on: Optional[str]

When the certificate will expire.

class OriginCACertificateDeleteResponse:
id: Optional[str]

Identifier.

maxLength32
revoked_at: Optional[datetime]

When the certificate was revoked.

formatdate-time