ByCloud Docs
GuidesCLIAPISDK
post/v1/certificates

Create certificate

Create a new certificate. Supports two types: - **ACME**: Automatically issues a certificate using DNS-01 challenge. Supports multi-domain and wildcard certificates. After creation, configure the DNS CNAME records as specified in the response, then call the validate endpoint. - **Uploaded**: Upload your own certificate, private key, and optional chain.

Header Parameters

X-Region

stringrequired

header

Region code to query resources from. Required for all resource operations.

Example: "sao1"

Request Body

required

Content-Type: application/json

name

stringrequired

Name of the certificate

type

stringrequired

Enum: "acme", "uploaded"

domains

arrayoptional

List of domains for ACME certificate (supports multi-domain and wildcard certs)

certificate

stringoptional

PEM-encoded certificate (required when type is 'uploaded')

private_key

stringoptional

PEM-encoded private key (required when type is 'uploaded')

chain

stringoptional

PEM-encoded certificate chain (optional for uploaded certificates)

Responses

201

Certificate created

Content-Type: application/json

certificate

objectoptional
400

Invalid request parameters

Content-Type: application/json

error

objectrequired
401

Authentication required or token invalid

Content-Type: application/json

error

objectrequired
403

Insufficient permissions

Content-Type: application/json

error

objectrequired
409

Certificate with this name already exists

Content-Type: application/json

error

objectrequired
500

Internal server error

Content-Type: application/json

error

objectrequired
curl -X POST "https://api.spo1.mycloud.com/v1/certificates" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-certificate",
    "type": "acme",
    "domains": [
      "example.com",
      "*.example.com"
    ],
    "certificate": "-----BEGIN CERTIFICATE-----\n...",
    "private_key": "-----BEGIN PRIVATE KEY-----\n...",
    "chain": "-----BEGIN CERTIFICATE-----\n..."
  }'

Response

Certificate created

{
  "certificate": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "crn": "crn:sao1:certificate:certificate:550e8400-e29b-41d4-a716-446655440000",
    "name": "my-certificate",
    "type": "acme",
    "domains": [
      "example.com",
      "*.example.com"
    ],
    "status": "active",
    "expires_at": "2024-01-15T10:30:00Z",
    "renew_after": "2024-01-15T10:30:00Z",
    "error_message": "string",
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z",
    "dns_setup": {
      "records": [
        {
          "record_name": "_acme-challenge.example.com",
          "record_type": "CNAME",
          "record_value": "example.com.acme.bycloud.io"
        }
      ],
      "instructions": "Create the following CNAME records to validate domain ownership"
    },
    "bindings": [
      {
        "id": "550e8400-e29b-41d4-a716-446655440000",
        "crn": "crn:sao1:certificate:binding:550e8400-e29b-41d4-a716-446655440000",
        "certificate_id": "550e8400-e29b-41d4-a716-446655440001",
        "resource_type": "octavia:listener",
        "resource_id": "550e8400-e29b-41d4-a716-446655440002",
        "options": {
          "sni": false
        },
        "status": "active",
        "error_message": "string",
        "created_at": "2024-01-15T10:30:00Z",
        "updated_at": "2024-01-15T10:30:00Z"
      }
    ]
  }
}