> ## Documentation Index > Fetch the complete documentation index at: https://gcore.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Add SSL certificate > Add an SSL certificate for content delivery over HTTPS protocol. Enter all strings of the certificate(s) and the private key into one string parameter. Each certificate and the private key in chain should be separated by the "\n" symbol, as shown in the example. Additionally, you can add a Let's Encrypt certificate. In this case, certificate and private key will be generated automatically after attaching this certificate to your CDN resource. ## OpenAPI ````yaml /api-reference/services_documented/cdn_api.yaml post /cdn/sslData openapi: 3.1.0 info: title: Gcore OpenAPI – CDN API description: >- This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS Protection, Object Storage, Streaming, and FastEdge services. version: '2026-05-14T07:00:22.640261+00:00' servers: - url: https://api.gcore.com security: - APIKey: [] tags: - name: CDN service description: Information about the current state of the CDN service in your account. x-displayName: CDN service - name: CDN resources x-displayName: CDN resources - name: Origins x-displayName: Origins - name: Rules description: >- Rules allow to set up custom settings for certain file types or paths. By default, the rule inherits all options values from the related CDN resource. Each option in rule settings can be in one of the following states: - **Inherit** - Option is not added to the rule. Option inherits its value from the CDN resource settings. In this case, the option value is **null**. - **ON** - Option is added to the rule and enabled. Option values configured in the rule will override values from the CDN resource settings. - **OFF** - Option is added to the rule and disabled. Option will be turned off. x-displayName: Rules - name: Rule templates x-displayName: Rule templates - name: SSL certificates x-displayName: SSL certificates - name: Let's Encrypt certificates x-displayName: Let's Encrypt certificates - name: CA certificates x-displayName: CA certificates - name: CDN activity logs description: |- Get the history of users requests to CDN. It contains requests made both via the API and via the control panel. The following methods are not tracked in the activity logs: - HEAD - OPTIONS x-displayName: CDN activity logs - name: Log viewer description: >- Log viewer provides you with general information about CDN operation. This information does not contain all possible sets of fields and restricted by time. To receive full data, use Logs Uploader. x-displayName: Log viewer - name: Logs uploader description: >- Logs uploader allows you to upload logs with desired format to desired storages. Consists of three main parts: - **Policies** - rules that define which logs are uploaded and how they are uploaded. - **Targets** - destinations where logs are uploaded. - **Configs** - combinations of logs uploader policies, targets and resources to which they are applied. x-displayName: Logs uploader - name: Tools x-displayName: Tools - name: CDN Statistics description: >- Consumption statistics is updated in near real-time as a standard practice. However, the frequency of updates can vary, but they are typically available within a 24-hour period. Exceptions, such as maintenance periods, may delay data beyond 24 hours until servers resume and fill in the missing statistics. x-displayName: Statistics - name: Advanced analytics description: >- Advanced analytics allows to get statistics about unique visitors, traffic, and requests for countries, directories, browsers, devices, and operation systems for up to 90 days starting from today. Advanced analytics API is based on the [GraphQL framework](https://graphql.org/). Advanced analytics API has one single endpoint: https://api.gcore.com/cdn/advanced/v2/query You can pass the query parameters as a JSON object in the payload of a POST request to this endpoint. You can use curl to make requests to the Advanced analytics API. Alternatively, you can use a GraphQL client to construct queries and pass requests to the Advanced analytics API. You can write queries in GraphQL much like in SQL: specify the data set (CDN resource), the metrics to retrieve (such as unique visitors and traffic), and filter or group by dimensions (for example, a country). x-displayName: Advanced analytics - name: Origin shielding x-displayName: Origin shielding - name: IP addresses list x-displayName: IP addresses list - name: Purge history x-displayName: Purge history paths: /cdn/sslData: post: tags: - SSL certificates summary: Add SSL certificate description: >- Add an SSL certificate for content delivery over HTTPS protocol. Enter all strings of the certificate(s) and the private key into one string parameter. Each certificate and the private key in chain should be separated by the "\n" symbol, as shown in the example. Additionally, you can add a Let's Encrypt certificate. In this case, certificate and private key will be generated automatically after attaching this certificate to your CDN resource. operationId: add-ssl-certificate requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/AddSSL' responses: '201': description: Successful. x-codeSamples: - lang: Python source: |- import os from gcore import Gcore client = Gcore( api_key=os.environ.get("GCORE_API_KEY"), # This is the default and can be omitted ) client.cdn.certificates.create( name="New certificate", ssl_certificate="-----BEGIN CERTIFICATE-----\nMIIFWzCCBEOgAwIBAgISBK6qoNitg//89H/YJamujpWlMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMTMxMjQwMDJaFw0x\nOTAyMTExMjQwMDJaMBwxGjAYBgNVBAMTEWNkbjIudG50LWNsdWIuY29tMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaHExDEXNSf6ELS0WUR7qq8gs9cc\nxx99sM2zs3Jld0twPmuldkVNe5xte/Hj03r4SesfOBczR7pn+t60YujPvUQDN8lx\nWYpvRuetOneyf4gNPatwzR/W1GWGlahet1xPVYGrttqL4gCJeShIXvU4aCyzW941\nPt0wCs+bg9u+59fXFkigWrWJPkwbR7bJ14XTStYynMbYLfCg+VPeGWj3d8wOhQcf\nAD86o8TLTbVfK2BDXwS5S8Dgf5u8g+WvmVHYDIkYKCxcLj0jP61Y7uHoFbSg41oN\nA9yPOa+0cYxA7U702V2WjxbfIeATYtNLZvH17lk+DYlQl8q3MLwguqZdgwIDAQAB\niIqI2xquGONtHFDOKJvy1O2qYTVRtNRVZqhc1ol+mw==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n", ssl_private_key="-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDZcNCZiNNHfX2O\ndZpf12mv2rAZwqGZBAdpox0wntEPK3JciQ7ZRloLJeHuCNIJs9MidnH7Xk8zveju\nmab6HmfIzvMJAAm88OYWMFQRiYe1ggJEHMe7yYPQbtXwTqWDYdWmjPPma3Ujqqmb\nhmVX2rsYILD7cUjS+e0Ucfqx3QODQj/aujTt1rS0gFhJ0soY5m+C6VimPCx4Bjyw\n5rhtskJDRrfXxrIhVXOvSPFRyxDSfjt3win8vjhhZ3oFPWgrl9lVhn0zaB5hjDsd\n-----END PRIVATE KEY-----\n", ) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\n\t\"github.com/G-Core/gcore-go\"\n\t\"github.com/G-Core/gcore-go/cdn\"\n\t\"github.com/G-Core/gcore-go/option\"\n)\n\nfunc main() {\n\tclient := gcore.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\terr := client.CDN.Certificates.New(context.TODO(), cdn.CertificateNewParams{\n\t\tOfOwnCertificate: &cdn.CertificateNewParamsBodyOwnCertificate{\n\t\t\tName: \"New certificate\",\n\t\t\tSslCertificate: \"-----BEGIN CERTIFICATE-----\\nMIIFWzCCBEOgAwIBAgISBK6qoNitg//89H/YJamujpWlMA0GCSqGSIb3DQEBCwUA\\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMTMxMjQwMDJaFw0x\\nOTAyMTExMjQwMDJaMBwxGjAYBgNVBAMTEWNkbjIudG50LWNsdWIuY29tMIIBIjAN\\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaHExDEXNSf6ELS0WUR7qq8gs9cc\\nxx99sM2zs3Jld0twPmuldkVNe5xte/Hj03r4SesfOBczR7pn+t60YujPvUQDN8lx\\nWYpvRuetOneyf4gNPatwzR/W1GWGlahet1xPVYGrttqL4gCJeShIXvU4aCyzW941\\nPt0wCs+bg9u+59fXFkigWrWJPkwbR7bJ14XTStYynMbYLfCg+VPeGWj3d8wOhQcf\\nAD86o8TLTbVfK2BDXwS5S8Dgf5u8g+WvmVHYDIkYKCxcLj0jP61Y7uHoFbSg41oN\\nA9yPOa+0cYxA7U702V2WjxbfIeATYtNLZvH17lk+DYlQl8q3MLwguqZdgwIDAQAB\\niIqI2xquGONtHFDOKJvy1O2qYTVRtNRVZqhc1ol+mw==\\ n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\\n-----END CERTIFICATE-----\\n\",\n\t\t\tSslPrivateKey: \"-----BEGIN PRIVATE KEY-----\\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDZcNCZiNNHfX2O\\ndZpf12mv2rAZwqGZBAdpox0wntEPK3JciQ7ZRloLJeHuCNIJs9MidnH7Xk8zveju\\nmab6HmfIzvMJAAm88OYWMFQRiYe1ggJEHMe7yYPQbtXwTqWDYdWmjPPma3Ujqqmb\\nhmVX2rsYILD7cUjS+e0Ucfqx3QODQj/aujTt1rS0gFhJ0soY5m+C6VimPCx4Bjyw\\n5rhtskJDRrfXxrIhVXOvSPFRyxDSfjt3win8vjhhZ3oFPWgrl9lVhn0zaB5hjDsd\\n-----END PRIVATE KEY-----\\n\",\n\t\t},\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n}\n" components: schemas: AddSSL: oneOf: - $ref: '#/components/schemas/CreateSSlPayload' type: object title: Own Certificate - type: object title: Let's Encrypt Certificate properties: name: type: string description: SSL certificate name. It must be unique. example: New Let's Encrypt certificate automated: type: boolean description: Must be **true** to issue certificate automatically. example: true required: - name - automated CreateSSlPayload: title: Own Certificate properties: name: type: string description: |- SSL certificate name. It must be unique. example: New certificate sslCertificate: type: string description: |- Public part of the SSL certificate. All chain of the SSL certificate should be added. example: | -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgISBK6qoNitg//89H/YJamujpWlMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMTMxMjQwMDJaFw0x OTAyMTExMjQwMDJaMBwxGjAYBgNVBAMTEWNkbjIudG50LWNsdWIuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaHExDEXNSf6ELS0WUR7qq8gs9cc xx99sM2zs3Jld0twPmuldkVNe5xte/Hj03r4SesfOBczR7pn+t60YujPvUQDN8lx WYpvRuetOneyf4gNPatwzR/W1GWGlahet1xPVYGrttqL4gCJeShIXvU4aCyzW941 Pt0wCs+bg9u+59fXFkigWrWJPkwbR7bJ14XTStYynMbYLfCg+VPeGWj3d8wOhQcf AD86o8TLTbVfK2BDXwS5S8Dgf5u8g+WvmVHYDIkYKCxcLj0jP61Y7uHoFbSg41oN A9yPOa+0cYxA7U702V2WjxbfIeATYtNLZvH17lk+DYlQl8q3MLwguqZdgwIDAQAB iIqI2xquGONtHFDOKJvy1O2qYTVRtNRVZqhc1ol+mw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== -----END CERTIFICATE----- sslPrivateKey: type: string description: Private key of the SSL certificate. example: | -----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDZcNCZiNNHfX2O dZpf12mv2rAZwqGZBAdpox0wntEPK3JciQ7ZRloLJeHuCNIJs9MidnH7Xk8zveju mab6HmfIzvMJAAm88OYWMFQRiYe1ggJEHMe7yYPQbtXwTqWDYdWmjPPma3Ujqqmb hmVX2rsYILD7cUjS+e0Ucfqx3QODQj/aujTt1rS0gFhJ0soY5m+C6VimPCx4Bjyw 5rhtskJDRrfXxrIhVXOvSPFRyxDSfjt3win8vjhhZ3oFPWgrl9lVhn0zaB5hjDsd -----END PRIVATE KEY----- validate_root_ca: type: boolean description: >- Defines whether to check the SSL certificate for a signature from a trusted certificate authority. Possible values: - **true** - SSL certificate must be verified to be signed by a trusted certificate authority. - **false** - SSL certificate will not be verified to be signed by a trusted certificate authority. example: true required: - name - sslCertificate - sslPrivateKey securitySchemes: APIKey: description: >- API key for authentication. Make sure to include the word `apikey`, followed by a single space and then your token. Example: `apikey 1234$abcdef` type: apiKey in: header name: Authorization ````