Enable
To enable Total TLS - which issues individual certificates for your proxied hostnames - follow these instructions:
To enable Total TLS in the dashboard:
- Log into the Cloudflare dashboard ↗.
- Choose your account and domain.
- Go to SSL/TLS > Edge Certificates.
- For Total TLS, switch the toggle to On and - if desired - choose an issuing Certificate Authority.
To enable Total TLS with the API, send a PATCH request with the enabled parameter set to your desired setting (true or false).
You can also specify a desired certificate authority by adding a value to the certificate_authority parameter.
-
Total TLS certificates follow the Common Name (CN) restriction of 64 characters (RFC 5280 ↗). If you have a hostname that exceeds this length, you can create an Advanced Certificate via API to cover it.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark