Create a client certificate

To create a client certificate in the Cloudflare dashboard:

Log into the Cloudflare dashboard and select your account and application.
Navigate to SSL > Client Certificates.
Click Create Certificate.
Important
You can only use API Shield with a certificate authority (CA) that is fully managed by Cloudflare. Cloudflare generates a unique CA for each zone.
If you need to use certificates issued by another CA, use Cloudflare Access to upload your own CA.
For Private key type, select a value.
For Certificate Validity, select a value. The default value is 10 years.
Click Create.
To copy the certificate or private key to your clipboard, use the click to copy link.
To close the dialog, click OK.

You can now embed the client certificate in your mobile app or IoT device. For an example, refer to Configure your mobile app or Internet-of-things device.