TLS Subscriptions
The TLS subscriptions API allows you to programmatically generate TLS certificates that are procured and renewed by Fastly. Once a subscription is created for a given hostname or wildcard domain, DNS records are checked to ensure that the domain on the subscription is owned by the subscription creator. Provided DNS records are maintained, TLS certificates will automatically renew. If Fastly is unable to issue a certificate, we will retry to issue the certificate for 7 days past subscription creation or the latest certificate's not_after date, whichever is later. If after 7 days Fastly is unable to issue a certificate, the subscription state will change to failed
and Fastly will stop retrying.
Data model
The common name associated with the subscription generated by Fastly TLS. Optional. If you do not pass a common name on create, we will default to the first TLS domain included. If provided, the domain chosen as the common name must be included in TLS domains.
common_name | object | ||
tls_certificates | object | ||
tls_configuration | object | ||
tls_domains | object | ||
certificate_authority | string | The entity that issues and certifies the TLS certificates for your subscription, either certainly , lets-encrypt , or globalsign . To migrate the subscription from one certificate authority to another, such as to migrate from 'lets-encrypt' to 'certainly', pass certificate_authority to the PATCH endpoint. To migrate from 'globalsign' to 'certainly', contact Fastly Support. | |
relationships.common_name.id | string | The domain name. | |
relationships.tls_certificates.id | string | Alphanumeric string identifying a TLS certificate. | |
relationships.tls_configuration.id | string | Alphanumeric string identifying a TLS configuration. | |
relationships.tls_domains.id | string | The domain name. | |
type | string | Resource type. [Default tls_subscription ] | |
created_at | string | Date and time in ISO 8601 format. Read-only. | |
deleted_at | string | Date and time in ISO 8601 format. Read-only. | |
has_active_order | boolean | Subscription has an active order. | |
id | string | Alphanumeric string identifying a TLS subscription. Read-only. | |
state | string | The current state of your subscription. | |
updated_at | string | Date and time in ISO 8601 format. Read-only. |
Endpoints
POST/tls/subscriptions/tls_subscription_id
/authorizations/tls_authorization_id
/globalsign_email_challenges