Skip to content
Cloudflare API
Start here
API Reference
SSL

Certificate Packs

List Certificate Packs
ssl.certificate_packs.list(CertificatePackListParams**kwargs) -> SyncV4PagePaginationArray[CertificatePackListResponse]
GET/zones/{zone_id}/ssl/certificate_packs
Get Certificate Pack
ssl.certificate_packs.get(strcertificate_pack_id, CertificatePackGetParams**kwargs) -> CertificatePackGetResponse
GET/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}
Order Advanced Certificate Manager Certificate Pack
ssl.certificate_packs.create(CertificatePackCreateParams**kwargs) -> CertificatePackCreateResponse
POST/zones/{zone_id}/ssl/certificate_packs/order
Restart Validation or Update Advanced Certificate Manager Certificate Pack
ssl.certificate_packs.edit(strcertificate_pack_id, CertificatePackEditParams**kwargs) -> CertificatePackEditResponse
PATCH/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}
Delete Advanced Certificate Manager Certificate Pack
ssl.certificate_packs.delete(strcertificate_pack_id, CertificatePackDeleteParams**kwargs) -> CertificatePackDeleteResponse
DELETE/zones/{zone_id}/ssl/certificate_packs/{certificate_pack_id}
ModelsExpand Collapse
str
Literal[7, 30, 90, 4 more]

The number of days for which the certificate should be valid.

One of the following:
7
30
90
365
730
1095
5475
Literal["initializing", "pending_validation", "deleted", 18 more]

Status of certificate pack.

One of the following:
"initializing"
"pending_validation"
"deleted"
"pending_issuance"
"pending_deployment"
"pending_deletion"
"pending_expiration"
"expired"
"active"
"initializing_timed_out"
"validation_timed_out"
"issuance_timed_out"
"deployment_timed_out"
"deletion_timed_out"
"pending_cleanup"
"staging_deployment"
"staging_active"
"deactivating"
"inactive"
"backup_issued"
"holding_deployment"
Literal["http", "cname", "txt"]

Validation method in use for a certificate pack order.

One of the following:
"http"
"cname"
"txt"
class CertificatePackListResponse:

A certificate pack with all its properties.

id: str

Identifier.

maxLength32
certificates: List[Certificate]

Array of certificates in this pack.

id: str

Certificate identifier.

hosts: List[str]

Hostnames covered by this certificate.

status: str

Certificate status.

bundle_method: Optional[str]

Certificate bundle method.

expires_on: Optional[datetime]

When the certificate from the authority expires.

formatdate-time
geo_restrictions: Optional[CertificateGeoRestrictions]

Specify the region where your private key can be held locally.

label: Optional[Literal["us", "eu", "highest_security"]]
One of the following:
"us"
"eu"
"highest_security"
issuer: Optional[str]

The certificate authority that issued the certificate.

modified_on: Optional[datetime]

When the certificate was last modified.

formatdate-time
priority: Optional[float]

The order/priority in which the certificate will be used.

signature: Optional[str]

The type of hash used for the certificate.

uploaded_on: Optional[datetime]

When the certificate was uploaded to Cloudflare.

formatdate-time
zone_id: Optional[str]

Identifier.

maxLength32
hosts: List[Host]

Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty.

status: Status

Status of certificate pack.

type: Literal["mh_custom", "managed_hostname", "sni_custom", 5 more]

Type of certificate pack.

One of the following:
"mh_custom"
"managed_hostname"
"sni_custom"
"universal"
"advanced"
"total_tls"
"keyless"
"legacy_custom"
certificate_authority: Optional[Literal["google", "lets_encrypt", "ssl_com"]]

Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions see this page for more details.

One of the following:
"google"
"lets_encrypt"
"ssl_com"
cloudflare_branding: Optional[bool]

Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true.

dcv_delegation_records: Optional[List[DCVDelegationRecord]]

DCV Delegation records for domain validation.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

primary_certificate: Optional[str]

Identifier of the primary certificate in a pack.

validation_errors: Optional[List[ValidationError]]

Domain validation errors that have been received by the certificate authority (CA).

message: Optional[str]

A domain validation error.

validation_method: Optional[Literal["txt", "http", "email"]]

Validation Method selected for the order.

One of the following:
"txt"
"http"
"email"
validation_records: Optional[List[ValidationRecord]]

Certificates' validation records.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

validity_days: Optional[Literal[14, 30, 90, 365]]

Validity Days selected for the order.

One of the following:
14
30
90
365
class CertificatePackGetResponse:

A certificate pack with all its properties.

id: str

Identifier.

maxLength32
certificates: List[Certificate]

Array of certificates in this pack.

id: str

Certificate identifier.

hosts: List[str]

Hostnames covered by this certificate.

status: str

Certificate status.

bundle_method: Optional[str]

Certificate bundle method.

expires_on: Optional[datetime]

When the certificate from the authority expires.

formatdate-time
geo_restrictions: Optional[CertificateGeoRestrictions]

Specify the region where your private key can be held locally.

label: Optional[Literal["us", "eu", "highest_security"]]
One of the following:
"us"
"eu"
"highest_security"
issuer: Optional[str]

The certificate authority that issued the certificate.

modified_on: Optional[datetime]

When the certificate was last modified.

formatdate-time
priority: Optional[float]

The order/priority in which the certificate will be used.

signature: Optional[str]

The type of hash used for the certificate.

uploaded_on: Optional[datetime]

When the certificate was uploaded to Cloudflare.

formatdate-time
zone_id: Optional[str]

Identifier.

maxLength32
hosts: List[Host]

Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty.

status: Status

Status of certificate pack.

type: Literal["mh_custom", "managed_hostname", "sni_custom", 5 more]

Type of certificate pack.

One of the following:
"mh_custom"
"managed_hostname"
"sni_custom"
"universal"
"advanced"
"total_tls"
"keyless"
"legacy_custom"
certificate_authority: Optional[Literal["google", "lets_encrypt", "ssl_com"]]

Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions see this page for more details.

One of the following:
"google"
"lets_encrypt"
"ssl_com"
cloudflare_branding: Optional[bool]

Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true.

dcv_delegation_records: Optional[List[DCVDelegationRecord]]

DCV Delegation records for domain validation.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

primary_certificate: Optional[str]

Identifier of the primary certificate in a pack.

validation_errors: Optional[List[ValidationError]]

Domain validation errors that have been received by the certificate authority (CA).

message: Optional[str]

A domain validation error.

validation_method: Optional[Literal["txt", "http", "email"]]

Validation Method selected for the order.

One of the following:
"txt"
"http"
"email"
validation_records: Optional[List[ValidationRecord]]

Certificates' validation records.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

validity_days: Optional[Literal[14, 30, 90, 365]]

Validity Days selected for the order.

One of the following:
14
30
90
365
class CertificatePackCreateResponse:

A certificate pack with all its properties.

id: str

Identifier.

maxLength32
certificates: List[Certificate]

Array of certificates in this pack.

id: str

Certificate identifier.

hosts: List[str]

Hostnames covered by this certificate.

status: str

Certificate status.

bundle_method: Optional[str]

Certificate bundle method.

expires_on: Optional[datetime]

When the certificate from the authority expires.

formatdate-time
geo_restrictions: Optional[CertificateGeoRestrictions]

Specify the region where your private key can be held locally.

label: Optional[Literal["us", "eu", "highest_security"]]
One of the following:
"us"
"eu"
"highest_security"
issuer: Optional[str]

The certificate authority that issued the certificate.

modified_on: Optional[datetime]

When the certificate was last modified.

formatdate-time
priority: Optional[float]

The order/priority in which the certificate will be used.

signature: Optional[str]

The type of hash used for the certificate.

uploaded_on: Optional[datetime]

When the certificate was uploaded to Cloudflare.

formatdate-time
zone_id: Optional[str]

Identifier.

maxLength32
hosts: List[Host]

Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty.

status: Status

Status of certificate pack.

type: Literal["mh_custom", "managed_hostname", "sni_custom", 5 more]

Type of certificate pack.

One of the following:
"mh_custom"
"managed_hostname"
"sni_custom"
"universal"
"advanced"
"total_tls"
"keyless"
"legacy_custom"
certificate_authority: Optional[Literal["google", "lets_encrypt", "ssl_com"]]

Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions see this page for more details.

One of the following:
"google"
"lets_encrypt"
"ssl_com"
cloudflare_branding: Optional[bool]

Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true.

dcv_delegation_records: Optional[List[DCVDelegationRecord]]

DCV Delegation records for domain validation.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

primary_certificate: Optional[str]

Identifier of the primary certificate in a pack.

validation_errors: Optional[List[ValidationError]]

Domain validation errors that have been received by the certificate authority (CA).

message: Optional[str]

A domain validation error.

validation_method: Optional[Literal["txt", "http", "email"]]

Validation Method selected for the order.

One of the following:
"txt"
"http"
"email"
validation_records: Optional[List[ValidationRecord]]

Certificates' validation records.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

validity_days: Optional[Literal[14, 30, 90, 365]]

Validity Days selected for the order.

One of the following:
14
30
90
365
class CertificatePackEditResponse:

A certificate pack with all its properties.

id: str

Identifier.

maxLength32
certificates: List[Certificate]

Array of certificates in this pack.

id: str

Certificate identifier.

hosts: List[str]

Hostnames covered by this certificate.

status: str

Certificate status.

bundle_method: Optional[str]

Certificate bundle method.

expires_on: Optional[datetime]

When the certificate from the authority expires.

formatdate-time
geo_restrictions: Optional[CertificateGeoRestrictions]

Specify the region where your private key can be held locally.

label: Optional[Literal["us", "eu", "highest_security"]]
One of the following:
"us"
"eu"
"highest_security"
issuer: Optional[str]

The certificate authority that issued the certificate.

modified_on: Optional[datetime]

When the certificate was last modified.

formatdate-time
priority: Optional[float]

The order/priority in which the certificate will be used.

signature: Optional[str]

The type of hash used for the certificate.

uploaded_on: Optional[datetime]

When the certificate was uploaded to Cloudflare.

formatdate-time
zone_id: Optional[str]

Identifier.

maxLength32
hosts: List[Host]

Comma separated list of valid host names for the certificate packs. Must contain the zone apex, may not contain more than 50 hosts, and may not be empty.

status: Status

Status of certificate pack.

type: Literal["mh_custom", "managed_hostname", "sni_custom", 5 more]

Type of certificate pack.

One of the following:
"mh_custom"
"managed_hostname"
"sni_custom"
"universal"
"advanced"
"total_tls"
"keyless"
"legacy_custom"
certificate_authority: Optional[Literal["google", "lets_encrypt", "ssl_com"]]

Certificate Authority selected for the order. For information on any certificate authority specific details or restrictions see this page for more details.

One of the following:
"google"
"lets_encrypt"
"ssl_com"
cloudflare_branding: Optional[bool]

Whether or not to add Cloudflare Branding for the order. This will add a subdomain of sni.cloudflaressl.com as the Common Name if set to true.

dcv_delegation_records: Optional[List[DCVDelegationRecord]]

DCV Delegation records for domain validation.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

primary_certificate: Optional[str]

Identifier of the primary certificate in a pack.

validation_errors: Optional[List[ValidationError]]

Domain validation errors that have been received by the certificate authority (CA).

message: Optional[str]

A domain validation error.

validation_method: Optional[Literal["txt", "http", "email"]]

Validation Method selected for the order.

One of the following:
"txt"
"http"
"email"
validation_records: Optional[List[ValidationRecord]]

Certificates' validation records.

cname: Optional[str]

The CNAME record hostname for DCV delegation.

cname_target: Optional[str]

The CNAME record target value for DCV delegation.

emails: Optional[List[str]]

The set of email addresses that the certificate authority (CA) will use to complete domain validation.

http_body: Optional[str]

The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.

http_url: Optional[str]

The url that will be checked during domain validation.

status: Optional[str]

Status of the validation record.

txt_name: Optional[str]

The hostname that the certificate authority (CA) will check for a TXT record during domain validation .

txt_value: Optional[str]

The TXT record that the certificate authority (CA) will check during domain validation.

validity_days: Optional[Literal[14, 30, 90, 365]]

Validity Days selected for the order.

One of the following:
14
30
90
365
class CertificatePackDeleteResponse:
id: Optional[str]

Identifier.

maxLength32

Certificate PacksQuota

Get Certificate Pack Quotas
ssl.certificate_packs.quota.get(QuotaGetParams**kwargs) -> QuotaGetResponse
GET/zones/{zone_id}/ssl/certificate_packs/quota
ModelsExpand Collapse
class QuotaGetResponse:
advanced: Optional[Advanced]
allocated: Optional[int]

Quantity Allocated.

used: Optional[int]

Quantity Used.