# SSL Certificate URL: https://developers.cloud66.com/v3/models/ssl-certificate/ Represents an SSL/TLS certificate used for securing web traffic in Cloud66 stacks. Certificates can be either manually uploaded or automatically provisioned through Let's Encrypt integration. Unique identifier for the SSL certificate. Certificate display name, typically the primary domain name. ID of the server group this certificate is associated with. Comma-separated list of domain names covered by this certificate. SHA256 fingerprint of the certificate for verification purposes. May be null if certificate parsing failed. Certificate Authority name (e.g., "Let's Encrypt") or null for manually uploaded certificates. Certificate type: "lets_encrypt" for automatically provisioned certificates or "manual" for externally obtained certificates. Whether this is a wildcard certificate (covers *.domain.com patterns). UUID of the DNS provider used for Let's Encrypt domain validation. Only applicable for Let's Encrypt certificates. SSL termination configuration setting. Whether an intermediate certificate is present in the certificate chain. Current certificate status (e.g., "active", "expired", "pending"). ISO 8601 formatted timestamp when the certificate was created. ISO 8601 formatted timestamp when the certificate was last updated. ISO 8601 formatted timestamp when the certificate expires. May be null if expiration cannot be determined. Always null in API responses for security reasons. Used only for certificate upload operations. Always null in API responses for security reasons. Used only for certificate upload operations. Always null in API responses for security reasons. Used only for certificate upload operations. ## Certificate Types ### Let's Encrypt Certificates - **Automatic provisioning** - Certificates are automatically obtained and renewed - **DNS validation** - Uses configured DNS providers for domain validation - **Free certificates** - No cost for basic SSL certificates - **Wildcard support** - Can provision wildcard certificates with DNS validation ### Manual Certificates - **External certificates** - Certificates obtained from any Certificate Authority - **Upload required** - Certificate, private key, and intermediate certificates must be uploaded - **Custom CA support** - Supports certificates from any trusted Certificate Authority - **Extended validation** - Can use EV and OV certificates ## Security Considerations Certificate private keys and certificate content are never exposed through the API for security reasons. The `certificate`, `key`, and `intermediate_certificate` fields are always null in API responses. ## Use Cases - **Web application security** - Securing HTTP traffic with SSL/TLS - **API endpoint protection** - Securing REST API endpoints - **Custom domain certificates** - Certificates for custom domains - **Wildcard domain coverage** - Single certificate for multiple subdomains **Related models:** DnsProvider, Stack, Server ## Example ```json { "uuid": "550e8400-e29b-41d4-a716-446655440000", "name": "example.com", "server_group_id": 123, "server_names": "example.com,www.example.com", "sha256_fingerprint": "A1:B2:C3:D4:E5:F6:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB", "ca_name": "Let's Encrypt", "type": "lets_encrypt", "wildcard": false, "dns_provider_uuid": "dns-550e8400-e29b-41d4-a716", "ssl_termination": "nginx", "has_intermediate_cert": true, "status": "active", "created_at": "2024-01-15T10:30:00Z", "updated_at": "2024-02-15T09:45:00Z", "expires_at": "2024-04-15T10:30:00Z", "certificate": null, "key": null, "intermediate_certificate": null } ```