hostname_certificates
Creates, updates, deletes, gets or lists a hostname_certificates resource.
Overview
| Name | hostname_certificates |
| Type | Resource |
| Id | cloudflare.origin_tls_client_auth.hostname_certificates |
Fields
The following fields are returned by SELECT queries:
- get
- list
Get the Hostname Client Certificate response
| Name | Datatype | Description |
|---|---|---|
id | string | Identifier. (example: 023e105f4ecef8ad9ca31a8372d0c353) |
certificate | string | The hostname certificate. (example: -----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1 CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5 0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2 izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4 9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2 2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq 2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY= -----END CERTIFICATE----- ) |
expires_on | string (date-time) | The date when the certificate expires. (example: 2100-01-01T05:20:00Z) |
issuer | string | The certificate authority that issued the certificate. (example: GlobalSign) |
serial_number | string | The serial number on the uploaded certificate. (example: 6743787633689793699141714808227354901) |
signature | string | The type of hash used for the certificate. (example: SHA256WithRSA) |
status | string | Status of the certificate or the association. (initializing, pending_deployment, pending_deletion, active, deleted, deployment_timed_out, deletion_timed_out) (example: active) |
uploaded_on | string (date-time) | The time when the certificate was uploaded. (example: 2019-10-28T18:11:23.37411Z) |
List Certificates response
| Name | Datatype | Description |
|---|---|---|
id | string | Identifier. (example: 023e105f4ecef8ad9ca31a8372d0c353) |
certificate | string | The hostname certificate. (example: -----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5/PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1 CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5 0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2 izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4 9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2 2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq 2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY= -----END CERTIFICATE----- ) |
expires_on | string (date-time) | The date when the certificate expires. (example: 2100-01-01T05:20:00Z) |
issuer | string | The certificate authority that issued the certificate. (example: GlobalSign) |
serial_number | string | The serial number on the uploaded certificate. (example: 6743787633689793699141714808227354901) |
signature | string | The type of hash used for the certificate. (example: SHA256WithRSA) |
status | string | Status of the certificate or the association. (initializing, pending_deployment, pending_deletion, active, deleted, deployment_timed_out, deletion_timed_out) (example: active) |
uploaded_on | string (date-time) | The time when the certificate was uploaded. (example: 2019-10-28T18:11:23.37411Z) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | certificate_id, zone_id | Get the certificate by ID to be used for client authentication on a hostname. | |
list | select | zone_id | Lists all client certificates configured for per-hostname authenticated origin pulls on the zone. | |
create | insert | zone_id, certificate, private_key | Upload a certificate to be used for client authentication on a hostname. 10 hostname certificates per zone are allowed. | |
delete | delete | certificate_id, zone_id | Removes a client certificate used for authenticated origin pulls on a specific hostname. Note: Before deleting the certificate, you must first invalidate the hostname for client authentication by sending a PUT request with enabled set to null. After invalidating the association, the certificate can be safely deleted. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
certificate_id | string | The certificate ID. |
zone_id | string | The Cloudflare zone ID. |
SELECT examples
- get
- list
Get the certificate by ID to be used for client authentication on a hostname.
SELECT
id,
certificate,
expires_on,
issuer,
serial_number,
signature,
status,
uploaded_on
FROM cloudflare.origin_tls_client_auth.hostname_certificates
WHERE certificate_id = '{{ certificate_id }}' -- required
AND zone_id = '{{ zone_id }}' -- required
;
Lists all client certificates configured for per-hostname authenticated origin pulls on the zone.
SELECT
id,
certificate,
expires_on,
issuer,
serial_number,
signature,
status,
uploaded_on
FROM cloudflare.origin_tls_client_auth.hostname_certificates
WHERE zone_id = '{{ zone_id }}' -- required
;
INSERT examples
- create
- Manifest
Upload a certificate to be used for client authentication on a hostname. 10 hostname certificates per zone are allowed.
INSERT INTO cloudflare.origin_tls_client_auth.hostname_certificates (
certificate,
private_key,
zone_id
)
SELECT
'{{ certificate }}' /* required */,
'{{ private_key }}' /* required */,
'{{ zone_id }}'
RETURNING
errors,
messages,
result,
success
;
# Description fields are for documentation purposes
- name: hostname_certificates
props:
- name: zone_id
value: "{{ zone_id }}"
description: Required parameter for the hostname_certificates resource.
- name: certificate
value: "{{ certificate }}"
description: |
The hostname certificate.
- name: private_key
value: "{{ private_key }}"
description: |
The hostname certificate's private key.
DELETE examples
- delete
Removes a client certificate used for authenticated origin pulls on a specific hostname. Note: Before deleting the certificate, you must first invalidate the hostname for client authentication by sending a PUT request with enabled set to null. After invalidating the association, the certificate can be safely deleted.
DELETE FROM cloudflare.origin_tls_client_auth.hostname_certificates
WHERE certificate_id = '{{ certificate_id }}' --required
AND zone_id = '{{ zone_id }}' --required
;