Add a new custom hostname and request that an SSL certificate be issued for it. One of three validation methods—http, txt, email—should be used, with 'http' recommended if the CNAME is already in place (or will be soon). Specifying 'email' will send an email to the WHOIS contacts on file for the base domain plus hostmaster, postmaster, webmaster, admin, administrator. If http is used and the domain is not already pointing to the Managed CNAME host, the PATCH method must be used once it is (to complete validation).
/zones/{zone_identifier}/custom_hostnames
post
Custom Hostname for a Zone
custom-hostname-for-a-zone-create-custom-hostname
{
"business": true,
"enterprise": true,
"free": true,
"pro": true
}{
"enum": [
"#ssl:edit"
]
}[
{
"in": "path",
"name": "zone_identifier",
"required": true,
"schema": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
}
}
]{
"content": {
"application/json": {
"schema": {
"properties": {
"custom_metadata": {
"anyOf": [
{
"properties": {
"key": {
"description": "Unique metadata for this hostname.",
"example": "value",
"type": "string"
}
},
"type": "object"
}
],
"description": "These are per-hostname (customer) settings.",
"type": "object"
},
"hostname": {
"description": "The custom hostname that will point to your hostname via CNAME.",
"example": "app.example.com",
"maxLength": 255,
"type": "string"
},
"ssl": {
"description": "SSL properties used when creating the custom hostname.",
"oneOf": [
{
"properties": {
"bundle_method": {
"default": "ubiquitous",
"description": "A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.",
"enum": [
"ubiquitous",
"optimal",
"force"
],
"example": "ubiquitous",
"type": "string"
},
"certificate_authority": {
"description": "The Certificate Authority that will issue the certificate",
"enum": [
"digicert",
"google",
"lets_encrypt"
],
"example": "google",
"type": "string"
},
"custom_certificate": {
"description": "If a custom uploaded certificate is used.",
"example": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n",
"type": "string"
},
"custom_key": {
"description": "The key for a custom uploaded certificate.",
"example": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n",
"type": "string"
},
"method": {
"description": "Domain control validation (DCV) method used for this hostname.",
"enum": [
"http",
"txt",
"email"
],
"example": "http"
},
"settings": {
"description": "SSL specific settings.",
"properties": {
"ciphers": {
"description": "An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.",
"example": [
"ECDHE-RSA-AES128-GCM-SHA256",
"AES128-SHA"
],
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
},
"early_hints": {
"description": "Whether or not Early Hints is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"http2": {
"description": "Whether or not HTTP2 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"min_tls_version": {
"description": "The minimum TLS version supported.",
"enum": [
"1.0",
"1.1",
"1.2",
"1.3"
],
"example": "1.2"
},
"tls_1_3": {
"description": "Whether or not TLS 1.3 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
}
},
"type": "object"
},
"type": {
"description": "Level of validation to be used for this hostname. Domain validation (dv) must be used.",
"enum": [
"dv"
],
"example": "dv"
},
"wildcard": {
"description": "Indicates whether the certificate covers a wildcard.",
"example": false,
"type": "boolean"
}
},
"type": "object"
}
],
"type": "object"
}
},
"required": [
"hostname",
"ssl"
],
"type": "object"
}
}
},
"required": true
}{
"200": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"anyOf": [
{
"type": "object"
},
{
"type": "string"
}
]
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"allOf": [
{
"allOf": [
{
"properties": {
"created_at": {
"description": "This is the time the hostname was created.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"custom_metadata": {
"anyOf": [
{
"properties": {
"key": {
"description": "Unique metadata for this hostname.",
"example": "value",
"type": "string"
}
},
"type": "object"
}
],
"description": "These are per-hostname (customer) settings.",
"type": "object"
},
"custom_origin_server": {
"description": "a valid hostname that’s been added to your DNS zone as an A, AAAA, or CNAME record.",
"example": "origin2.example.com",
"type": "string"
},
"custom_origin_sni": {
"description": "A hostname that will be sent to your custom origin server as SNI for TLS handshake. This can be a valid subdomain of the zone or custom origin server name or the string ':request_host_header:' which will cause the host header in the request to be used as SNI. Not configurable with default/fallback origin server.",
"example": "sni.example.com",
"type": "string"
},
"hostname": {
"description": "The custom hostname that will point to your hostname via CNAME.",
"example": "app.example.com",
"maxLength": 255,
"readOnly": true,
"type": "string"
},
"id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"ownership_verification": {
"description": "This is a record which can be placed to activate a hostname.",
"oneOf": [
{
"properties": {
"name": {
"description": "DNS Name for record.",
"example": "_cf-custom-hostname.app.example.com",
"type": "string"
},
"type": {
"description": "DNS Record type.",
"enum": [
"txt"
],
"example": "txt"
},
"value": {
"description": "Content for the record.",
"example": "5cc07c04-ea62-4a5a-95f0-419334a875a4",
"type": "string"
}
},
"type": "object"
}
],
"type": "object"
},
"ownership_verification_http": {
"description": "This presents the token to be served by the given http url to activate a hostname.",
"oneOf": [
{
"properties": {
"http_body": {
"description": "Token to be served.",
"example": "5cc07c04-ea62-4a5a-95f0-419334a875a4",
"type": "string"
},
"http_url": {
"description": "The HTTP URL that will be checked during custom hostname verification and where the customer should host the token.",
"example": "http://custom.test.com/.well-known/cf-custom-hostname-challenge/0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"type": "string"
}
},
"type": "object"
}
],
"type": "object"
},
"ssl": {
"description": "SSL properties for the custom hostname.",
"oneOf": [
{
"properties": {
"bundle_method": {
"default": "ubiquitous",
"description": "A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.",
"enum": [
"ubiquitous",
"optimal",
"force"
],
"example": "ubiquitous",
"type": "string"
},
"certificate_authority": {
"description": "The Certificate Authority that will issue the certificate",
"enum": [
"digicert",
"google",
"lets_encrypt"
],
"example": "google",
"type": "string"
},
"custom_certificate": {
"description": "If a custom uploaded certificate is used.",
"example": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n",
"type": "string"
},
"custom_csr_id": {
"description": "The identifier for the Custom CSR that was used.",
"example": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
"type": "string"
},
"custom_key": {
"description": "The key for a custom uploaded certificate.",
"example": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n",
"type": "string"
},
"expires_on": {
"description": "The time the custom certificate expires on.",
"example": "2021-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"hosts": {
"description": "A list of Hostnames on a custom uploaded certificate.",
"example": [
"app.example.com",
"*.app.example.com"
],
"items": {},
"type": "array"
},
"id": {
"description": "Custom hostname SSL identifier tag.",
"example": "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"maxLength": 36,
"minLength": 36,
"type": "string"
},
"issuer": {
"description": "The issuer on a custom uploaded certificate.",
"example": "DigiCertInc",
"type": "string"
},
"method": {
"description": "Domain control validation (DCV) method used for this hostname.",
"enum": [
"http",
"txt",
"email"
],
"example": "txt"
},
"serial_number": {
"description": "The serial number on a custom uploaded certificate.",
"example": "6743787633689793699141714808227354901",
"type": "string"
},
"settings": {
"description": "SSL specific settings.",
"properties": {
"ciphers": {
"description": "An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.",
"example": [
"ECDHE-RSA-AES128-GCM-SHA256",
"AES128-SHA"
],
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
},
"early_hints": {
"description": "Whether or not Early Hints is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"http2": {
"description": "Whether or not HTTP2 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"min_tls_version": {
"description": "The minimum TLS version supported.",
"enum": [
"1.0",
"1.1",
"1.2",
"1.3"
],
"example": "1.2"
},
"tls_1_3": {
"description": "Whether or not TLS 1.3 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
}
},
"type": "object"
},
"signature": {
"description": "The signature on a custom uploaded certificate.",
"example": "SHA256WithRSA",
"type": "string"
},
"status": {
"description": "Status of the hostname's SSL certificates.",
"enum": [
"initializing",
"pending_validation",
"deleted",
"pending_issuance",
"pending_deployment",
"pending_deletion",
"pending_expiration",
"expired",
"active",
"initializing_timed_out",
"validation_timed_out",
"issuance_timed_out",
"deployment_timed_out",
"deletion_timed_out",
"pending_cleanup",
"staging_deployment",
"staging_active",
"deactivating",
"inactive",
"backup_issued",
"holding_deployment"
],
"example": "pending_validation",
"readOnly": true
},
"type": {
"description": "Level of validation to be used for this hostname. Domain validation (dv) must be used.",
"enum": [
"dv"
],
"example": "dv",
"readOnly": true
},
"uploaded_on": {
"description": "The time the custom certificate was uploaded.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"validation_errors": {
"description": "Domain validation errors that have been received by the certificate authority (CA).",
"items": {
"properties": {
"message": {
"description": "A domain validation error.",
"example": "SERVFAIL looking up CAA for app.example.com",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"validation_records": {
"items": {
"description": "Certificate's required validation record.",
"properties": {
"emails": {
"description": "The set of email addresses that the certificate authority (CA) will use to complete domain validation.",
"example": [
"administrator@example.com",
"webmaster@example.com"
],
"items": {},
"type": "array"
},
"http_body": {
"description": "The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.",
"example": "ca3-574923932a82475cb8592200f1a2a23d",
"type": "string"
},
"http_url": {
"description": "The url that will be checked during domain validation.",
"example": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt",
"type": "string"
},
"txt_name": {
"description": "The hostname that the certificate authority (CA) will check for a TXT record during domain validation .",
"example": "_acme-challenge.app.example.com",
"type": "string"
},
"txt_value": {
"description": "The TXT record that the certificate authority (CA) will check during domain validation.",
"example": "810b7d5f01154524b961ba0cd578acc2",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"wildcard": {
"description": "Indicates whether the certificate covers a wildcard.",
"example": false,
"type": "boolean"
}
},
"type": "object"
}
],
"type": "object"
},
"status": {
"description": "Status of the hostname's activation.",
"enum": [
"active",
"pending",
"active_redeploying",
"moved",
"pending_deletion",
"deleted",
"pending_blocked",
"pending_migration",
"pending_provisioned",
"test_pending",
"test_active",
"test_active_apex",
"test_blocked",
"test_failed",
"provisioned",
"blocked"
],
"example": "pending"
},
"verification_errors": {
"description": "These are errors that were encountered while trying to activate a hostname.",
"example": [
"None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found."
],
"items": {},
"type": "array"
}
}
}
],
"properties": {
"hostname": {
"description": "The custom hostname that will point to your hostname via CNAME.",
"example": "app.example.com",
"maxLength": 255,
"readOnly": true,
"type": "string"
},
"id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"ssl": {
"description": "SSL properties for the custom hostname.",
"oneOf": [
{
"properties": {
"bundle_method": {
"default": "ubiquitous",
"description": "A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.",
"enum": [
"ubiquitous",
"optimal",
"force"
],
"example": "ubiquitous",
"type": "string"
},
"certificate_authority": {
"description": "The Certificate Authority that will issue the certificate",
"enum": [
"digicert",
"google",
"lets_encrypt"
],
"example": "google",
"type": "string"
},
"custom_certificate": {
"description": "If a custom uploaded certificate is used.",
"example": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n",
"type": "string"
},
"custom_csr_id": {
"description": "The identifier for the Custom CSR that was used.",
"example": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
"type": "string"
},
"custom_key": {
"description": "The key for a custom uploaded certificate.",
"example": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n",
"type": "string"
},
"expires_on": {
"description": "The time the custom certificate expires on.",
"example": "2021-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"hosts": {
"description": "A list of Hostnames on a custom uploaded certificate.",
"example": [
"app.example.com",
"*.app.example.com"
],
"items": {},
"type": "array"
},
"id": {
"description": "Custom hostname SSL identifier tag.",
"example": "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"maxLength": 36,
"minLength": 36,
"type": "string"
},
"issuer": {
"description": "The issuer on a custom uploaded certificate.",
"example": "DigiCertInc",
"type": "string"
},
"method": {
"description": "Domain control validation (DCV) method used for this hostname.",
"enum": [
"http",
"txt",
"email"
],
"example": "txt"
},
"serial_number": {
"description": "The serial number on a custom uploaded certificate.",
"example": "6743787633689793699141714808227354901",
"type": "string"
},
"settings": {
"description": "SSL specific settings.",
"properties": {
"ciphers": {
"description": "An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.",
"example": [
"ECDHE-RSA-AES128-GCM-SHA256",
"AES128-SHA"
],
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
},
"early_hints": {
"description": "Whether or not Early Hints is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"http2": {
"description": "Whether or not HTTP2 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"min_tls_version": {
"description": "The minimum TLS version supported.",
"enum": [
"1.0",
"1.1",
"1.2",
"1.3"
],
"example": "1.2"
},
"tls_1_3": {
"description": "Whether or not TLS 1.3 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
}
},
"type": "object"
},
"signature": {
"description": "The signature on a custom uploaded certificate.",
"example": "SHA256WithRSA",
"type": "string"
},
"status": {
"description": "Status of the hostname's SSL certificates.",
"enum": [
"initializing",
"pending_validation",
"deleted",
"pending_issuance",
"pending_deployment",
"pending_deletion",
"pending_expiration",
"expired",
"active",
"initializing_timed_out",
"validation_timed_out",
"issuance_timed_out",
"deployment_timed_out",
"deletion_timed_out",
"pending_cleanup",
"staging_deployment",
"staging_active",
"deactivating",
"inactive",
"backup_issued",
"holding_deployment"
],
"example": "pending_validation",
"readOnly": true
},
"type": {
"description": "Level of validation to be used for this hostname. Domain validation (dv) must be used.",
"enum": [
"dv"
],
"example": "dv",
"readOnly": true
},
"uploaded_on": {
"description": "The time the custom certificate was uploaded.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"validation_errors": {
"description": "Domain validation errors that have been received by the certificate authority (CA).",
"items": {
"properties": {
"message": {
"description": "A domain validation error.",
"example": "SERVFAIL looking up CAA for app.example.com",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"validation_records": {
"items": {
"description": "Certificate's required validation record.",
"properties": {
"emails": {
"description": "The set of email addresses that the certificate authority (CA) will use to complete domain validation.",
"example": [
"administrator@example.com",
"webmaster@example.com"
],
"items": {},
"type": "array"
},
"http_body": {
"description": "The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.",
"example": "ca3-574923932a82475cb8592200f1a2a23d",
"type": "string"
},
"http_url": {
"description": "The url that will be checked during domain validation.",
"example": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt",
"type": "string"
},
"txt_name": {
"description": "The hostname that the certificate authority (CA) will check for a TXT record during domain validation .",
"example": "_acme-challenge.app.example.com",
"type": "string"
},
"txt_value": {
"description": "The TXT record that the certificate authority (CA) will check during domain validation.",
"example": "810b7d5f01154524b961ba0cd578acc2",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"wildcard": {
"description": "Indicates whether the certificate covers a wildcard.",
"example": false,
"type": "boolean"
}
},
"type": "object"
}
],
"type": "object"
}
},
"required": [
"id",
"hostname",
"ssl"
],
"type": "object"
}
],
"type": "object"
}
}
}
]
}
}
},
"description": "Create Custom Hostname response"
},
"4XX": {
"content": {
"application/json": {
"schema": {
"allOf": [
{
"allOf": [
{
"allOf": [
{
"properties": {
"errors": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"messages": {
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
},
"result": {
"anyOf": [
{
"type": "object"
},
{
"items": {},
"type": "array"
},
{
"type": "string"
}
]
},
"success": {
"description": "Whether the API call was successful",
"enum": [
true
],
"example": true,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
},
{
"properties": {
"result": {
"anyOf": [
{
"type": "object"
},
{
"type": "string"
}
]
}
}
}
],
"type": "object"
},
{
"properties": {
"result": {
"allOf": [
{
"allOf": [
{
"properties": {
"created_at": {
"description": "This is the time the hostname was created.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"custom_metadata": {
"anyOf": [
{
"properties": {
"key": {
"description": "Unique metadata for this hostname.",
"example": "value",
"type": "string"
}
},
"type": "object"
}
],
"description": "These are per-hostname (customer) settings.",
"type": "object"
},
"custom_origin_server": {
"description": "a valid hostname that’s been added to your DNS zone as an A, AAAA, or CNAME record.",
"example": "origin2.example.com",
"type": "string"
},
"custom_origin_sni": {
"description": "A hostname that will be sent to your custom origin server as SNI for TLS handshake. This can be a valid subdomain of the zone or custom origin server name or the string ':request_host_header:' which will cause the host header in the request to be used as SNI. Not configurable with default/fallback origin server.",
"example": "sni.example.com",
"type": "string"
},
"hostname": {
"description": "The custom hostname that will point to your hostname via CNAME.",
"example": "app.example.com",
"maxLength": 255,
"readOnly": true,
"type": "string"
},
"id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"ownership_verification": {
"description": "This is a record which can be placed to activate a hostname.",
"oneOf": [
{
"properties": {
"name": {
"description": "DNS Name for record.",
"example": "_cf-custom-hostname.app.example.com",
"type": "string"
},
"type": {
"description": "DNS Record type.",
"enum": [
"txt"
],
"example": "txt"
},
"value": {
"description": "Content for the record.",
"example": "5cc07c04-ea62-4a5a-95f0-419334a875a4",
"type": "string"
}
},
"type": "object"
}
],
"type": "object"
},
"ownership_verification_http": {
"description": "This presents the token to be served by the given http url to activate a hostname.",
"oneOf": [
{
"properties": {
"http_body": {
"description": "Token to be served.",
"example": "5cc07c04-ea62-4a5a-95f0-419334a875a4",
"type": "string"
},
"http_url": {
"description": "The HTTP URL that will be checked during custom hostname verification and where the customer should host the token.",
"example": "http://custom.test.com/.well-known/cf-custom-hostname-challenge/0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"type": "string"
}
},
"type": "object"
}
],
"type": "object"
},
"ssl": {
"description": "SSL properties for the custom hostname.",
"oneOf": [
{
"properties": {
"bundle_method": {
"default": "ubiquitous",
"description": "A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.",
"enum": [
"ubiquitous",
"optimal",
"force"
],
"example": "ubiquitous",
"type": "string"
},
"certificate_authority": {
"description": "The Certificate Authority that will issue the certificate",
"enum": [
"digicert",
"google",
"lets_encrypt"
],
"example": "google",
"type": "string"
},
"custom_certificate": {
"description": "If a custom uploaded certificate is used.",
"example": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n",
"type": "string"
},
"custom_csr_id": {
"description": "The identifier for the Custom CSR that was used.",
"example": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
"type": "string"
},
"custom_key": {
"description": "The key for a custom uploaded certificate.",
"example": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n",
"type": "string"
},
"expires_on": {
"description": "The time the custom certificate expires on.",
"example": "2021-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"hosts": {
"description": "A list of Hostnames on a custom uploaded certificate.",
"example": [
"app.example.com",
"*.app.example.com"
],
"items": {},
"type": "array"
},
"id": {
"description": "Custom hostname SSL identifier tag.",
"example": "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"maxLength": 36,
"minLength": 36,
"type": "string"
},
"issuer": {
"description": "The issuer on a custom uploaded certificate.",
"example": "DigiCertInc",
"type": "string"
},
"method": {
"description": "Domain control validation (DCV) method used for this hostname.",
"enum": [
"http",
"txt",
"email"
],
"example": "txt"
},
"serial_number": {
"description": "The serial number on a custom uploaded certificate.",
"example": "6743787633689793699141714808227354901",
"type": "string"
},
"settings": {
"description": "SSL specific settings.",
"properties": {
"ciphers": {
"description": "An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.",
"example": [
"ECDHE-RSA-AES128-GCM-SHA256",
"AES128-SHA"
],
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
},
"early_hints": {
"description": "Whether or not Early Hints is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"http2": {
"description": "Whether or not HTTP2 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"min_tls_version": {
"description": "The minimum TLS version supported.",
"enum": [
"1.0",
"1.1",
"1.2",
"1.3"
],
"example": "1.2"
},
"tls_1_3": {
"description": "Whether or not TLS 1.3 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
}
},
"type": "object"
},
"signature": {
"description": "The signature on a custom uploaded certificate.",
"example": "SHA256WithRSA",
"type": "string"
},
"status": {
"description": "Status of the hostname's SSL certificates.",
"enum": [
"initializing",
"pending_validation",
"deleted",
"pending_issuance",
"pending_deployment",
"pending_deletion",
"pending_expiration",
"expired",
"active",
"initializing_timed_out",
"validation_timed_out",
"issuance_timed_out",
"deployment_timed_out",
"deletion_timed_out",
"pending_cleanup",
"staging_deployment",
"staging_active",
"deactivating",
"inactive",
"backup_issued",
"holding_deployment"
],
"example": "pending_validation",
"readOnly": true
},
"type": {
"description": "Level of validation to be used for this hostname. Domain validation (dv) must be used.",
"enum": [
"dv"
],
"example": "dv",
"readOnly": true
},
"uploaded_on": {
"description": "The time the custom certificate was uploaded.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"validation_errors": {
"description": "Domain validation errors that have been received by the certificate authority (CA).",
"items": {
"properties": {
"message": {
"description": "A domain validation error.",
"example": "SERVFAIL looking up CAA for app.example.com",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"validation_records": {
"items": {
"description": "Certificate's required validation record.",
"properties": {
"emails": {
"description": "The set of email addresses that the certificate authority (CA) will use to complete domain validation.",
"example": [
"administrator@example.com",
"webmaster@example.com"
],
"items": {},
"type": "array"
},
"http_body": {
"description": "The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.",
"example": "ca3-574923932a82475cb8592200f1a2a23d",
"type": "string"
},
"http_url": {
"description": "The url that will be checked during domain validation.",
"example": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt",
"type": "string"
},
"txt_name": {
"description": "The hostname that the certificate authority (CA) will check for a TXT record during domain validation .",
"example": "_acme-challenge.app.example.com",
"type": "string"
},
"txt_value": {
"description": "The TXT record that the certificate authority (CA) will check during domain validation.",
"example": "810b7d5f01154524b961ba0cd578acc2",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"wildcard": {
"description": "Indicates whether the certificate covers a wildcard.",
"example": false,
"type": "boolean"
}
},
"type": "object"
}
],
"type": "object"
},
"status": {
"description": "Status of the hostname's activation.",
"enum": [
"active",
"pending",
"active_redeploying",
"moved",
"pending_deletion",
"deleted",
"pending_blocked",
"pending_migration",
"pending_provisioned",
"test_pending",
"test_active",
"test_active_apex",
"test_blocked",
"test_failed",
"provisioned",
"blocked"
],
"example": "pending"
},
"verification_errors": {
"description": "These are errors that were encountered while trying to activate a hostname.",
"example": [
"None of the A or AAAA records are owned by this account and the pre-generated ownership verification token was not found."
],
"items": {},
"type": "array"
}
}
}
],
"properties": {
"hostname": {
"description": "The custom hostname that will point to your hostname via CNAME.",
"example": "app.example.com",
"maxLength": 255,
"readOnly": true,
"type": "string"
},
"id": {
"description": "Identifier",
"example": "023e105f4ecef8ad9ca31a8372d0c353",
"maxLength": 32,
"readOnly": true,
"type": "string"
},
"ssl": {
"description": "SSL properties for the custom hostname.",
"oneOf": [
{
"properties": {
"bundle_method": {
"default": "ubiquitous",
"description": "A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it.",
"enum": [
"ubiquitous",
"optimal",
"force"
],
"example": "ubiquitous",
"type": "string"
},
"certificate_authority": {
"description": "The Certificate Authority that will issue the certificate",
"enum": [
"digicert",
"google",
"lets_encrypt"
],
"example": "google",
"type": "string"
},
"custom_certificate": {
"description": "If a custom uploaded certificate is used.",
"example": "-----BEGIN CERTIFICATE-----\\nMIIFJDCCBAygAwIBAgIQD0ifmj/Yi5NP/2gdUySbfzANBgkqhkiG9w0BAQsFADBN\\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E...SzSHfXp5lnu/3V08I72q1QNzOCgY1XeL4GKVcj4or6cT6tX6oJH7ePPmfrBfqI/O\\nOeH8gMJ+FuwtXYEPa4hBf38M5eU5xWG7\\n-----END CERTIFICATE-----\\n",
"type": "string"
},
"custom_csr_id": {
"description": "The identifier for the Custom CSR that was used.",
"example": "7b163417-1d2b-4c84-a38a-2fb7a0cd7752",
"type": "string"
},
"custom_key": {
"description": "The key for a custom uploaded certificate.",
"example": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG\ndtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn\nabIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid\ntnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py\nFxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE\newooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb\nHBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/\naxiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb\n+ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g\n+j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv\nKLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7\n9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo\n/WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu\niacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9\nN2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe\nVAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB\nvULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U\nlySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR\n9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7\nmEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX\ndFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe\nPG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS\nfhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W\nqu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T\nlv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi\n-----END RSA PRIVATE KEY-----\n",
"type": "string"
},
"expires_on": {
"description": "The time the custom certificate expires on.",
"example": "2021-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"hosts": {
"description": "A list of Hostnames on a custom uploaded certificate.",
"example": [
"app.example.com",
"*.app.example.com"
],
"items": {},
"type": "array"
},
"id": {
"description": "Custom hostname SSL identifier tag.",
"example": "0d89c70d-ad9f-4843-b99f-6cc0252067e9",
"maxLength": 36,
"minLength": 36,
"type": "string"
},
"issuer": {
"description": "The issuer on a custom uploaded certificate.",
"example": "DigiCertInc",
"type": "string"
},
"method": {
"description": "Domain control validation (DCV) method used for this hostname.",
"enum": [
"http",
"txt",
"email"
],
"example": "txt"
},
"serial_number": {
"description": "The serial number on a custom uploaded certificate.",
"example": "6743787633689793699141714808227354901",
"type": "string"
},
"settings": {
"description": "SSL specific settings.",
"properties": {
"ciphers": {
"description": "An allowlist of ciphers for TLS termination. These ciphers must be in the BoringSSL format.",
"example": [
"ECDHE-RSA-AES128-GCM-SHA256",
"AES128-SHA"
],
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
},
"early_hints": {
"description": "Whether or not Early Hints is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"http2": {
"description": "Whether or not HTTP2 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
},
"min_tls_version": {
"description": "The minimum TLS version supported.",
"enum": [
"1.0",
"1.1",
"1.2",
"1.3"
],
"example": "1.2"
},
"tls_1_3": {
"description": "Whether or not TLS 1.3 is enabled.",
"enum": [
"on",
"off"
],
"example": "on"
}
},
"type": "object"
},
"signature": {
"description": "The signature on a custom uploaded certificate.",
"example": "SHA256WithRSA",
"type": "string"
},
"status": {
"description": "Status of the hostname's SSL certificates.",
"enum": [
"initializing",
"pending_validation",
"deleted",
"pending_issuance",
"pending_deployment",
"pending_deletion",
"pending_expiration",
"expired",
"active",
"initializing_timed_out",
"validation_timed_out",
"issuance_timed_out",
"deployment_timed_out",
"deletion_timed_out",
"pending_cleanup",
"staging_deployment",
"staging_active",
"deactivating",
"inactive",
"backup_issued",
"holding_deployment"
],
"example": "pending_validation",
"readOnly": true
},
"type": {
"description": "Level of validation to be used for this hostname. Domain validation (dv) must be used.",
"enum": [
"dv"
],
"example": "dv",
"readOnly": true
},
"uploaded_on": {
"description": "The time the custom certificate was uploaded.",
"example": "2020-02-06T18:11:23.531995Z",
"format": "date-time",
"type": "string"
},
"validation_errors": {
"description": "Domain validation errors that have been received by the certificate authority (CA).",
"items": {
"properties": {
"message": {
"description": "A domain validation error.",
"example": "SERVFAIL looking up CAA for app.example.com",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"validation_records": {
"items": {
"description": "Certificate's required validation record.",
"properties": {
"emails": {
"description": "The set of email addresses that the certificate authority (CA) will use to complete domain validation.",
"example": [
"administrator@example.com",
"webmaster@example.com"
],
"items": {},
"type": "array"
},
"http_body": {
"description": "The content that the certificate authority (CA) will expect to find at the http_url during the domain validation.",
"example": "ca3-574923932a82475cb8592200f1a2a23d",
"type": "string"
},
"http_url": {
"description": "The url that will be checked during domain validation.",
"example": "http://app.example.com/.well-known/pki-validation/ca3-da12a1c25e7b48cf80408c6c1763b8a2.txt",
"type": "string"
},
"txt_name": {
"description": "The hostname that the certificate authority (CA) will check for a TXT record during domain validation .",
"example": "_acme-challenge.app.example.com",
"type": "string"
},
"txt_value": {
"description": "The TXT record that the certificate authority (CA) will check during domain validation.",
"example": "810b7d5f01154524b961ba0cd578acc2",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"wildcard": {
"description": "Indicates whether the certificate covers a wildcard.",
"example": false,
"type": "boolean"
}
},
"type": "object"
}
],
"type": "object"
}
},
"required": [
"id",
"hostname",
"ssl"
],
"type": "object"
}
],
"type": "object"
}
}
}
]
},
{
"properties": {
"errors": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": [
{
"code": 7003,
"message": "No route for the URI"
}
],
"minLength": 1
},
"messages": {
"allOf": [
{
"example": [],
"items": {
"properties": {
"code": {
"minimum": 1000,
"type": "integer"
},
"message": {
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object",
"uniqueItems": true
},
"type": "array"
}
],
"example": []
},
"result": {
"enum": [
null
],
"nullable": true,
"type": "object"
},
"success": {
"description": "Whether the API call was successful",
"enum": [
false
],
"example": false,
"type": "boolean"
}
},
"required": [
"success",
"errors",
"messages",
"result"
],
"type": "object"
}
]
}
}
},
"description": "Create Custom Hostname response failure"
}
}[
{
"api_email": [],
"api_key": []
}
]