Provides a Cloudflare Origin CA certificate used to protect traffic to your origin without involving a third party Certificate Authority.
resource "tls_private_key" "example" {
algorithm = "RSA"
}
resource "tls_cert_request" "example" {
private_key_pem = tls_private_key.example.private_key_pem
subject {
common_name = ""
organization = "Terraform Test"
}
}
resource "cloudflare_origin_ca_certificate" "example" {
csr = tls_cert_request.example.cert_request_pem
hostnames = ["example.com"]
request_type = "origin-rsa"
requested_validity = 7
}
csr
(String) The Certificate Signing Request. Must be newline-encoded. Modifying this attribute will force creation of a new resource.hostnames
(Set of String) A list of hostnames or wildcard names bound to the certificate. Modifying this attribute will force creation of a new resource.request_type
(String) The signature type desired on the certificate. Available values: origin-rsa
, origin-ecc
, keyless-certificate
. Modifying this attribute will force creation of a new resource.min_days_for_renewal
(Number) Number of days prior to the expiry to trigger a renewal of the certificate if a Terraform operation is run.requested_validity
(Number) The number of days for which the certificate should be valid. Available values: 7
, 30
, 90
, 365
, 730
, 1095
, 5475
. Modifying this attribute will force creation of a new resource.certificate
(String) The Origin CA certificate.expires_on
(String) The datetime when the certificate will expire.id
(String) The ID of this resource.Import is supported using the following syntax:
$ terraform import cloudflare_origin_ca_certificate.example <certificate_id>