cloudflare · pedrosousa · Apr 7, 2025 · Apr 6, 2025
@@ -16,7 +16,7 @@ To create a client certificate in the Cloudflare dashboard:
 
     By default, client certificates are issued by a Cloudflare Managed CA. Cloudflare generates a unique CA for each account.
 
-    If you need to use certificates issued by another CA, use the API to [bring your own CA for mTLS](/ssl/client-certificates/byo-ca/). 
+    If you need to use certificates issued by another CA, use the API to [bring your own CA for mTLS](/ssl/client-certificates/byo-ca/).
     :::
 
 4. For **Private key type**, select a value.

@@ -11,7 +11,7 @@ import { DirectoryListing, Render } from "~/components"
 Total TLS allows Cloudflare to issue individual certificates for your proxied hostnames. These certificates will protect proxied hostnames not covered by [Universal certificates](/ssl/edge-certificates/universal-ssl/).
 
 :::caution
- <Render file="total-tls-character-limitation" /> 
+ <Render file="total-tls-character-limitation" />
 :::
 
 When issued, these certificates will have a type of **Advanced - Total TLS**, and their default validity period is 90 days.

@@ -20,7 +20,7 @@ Expiration values for these certificates may appear in the `expires_on` field wh
 
 ### Compatible
 
-Compatible is the default methodology and uses **common and well distributed intermediate certificates** to complete the chain. This ensures that the resulting bundle is compatible with as many clients as possible. 
+Compatible is the default methodology and uses **common and well distributed intermediate certificates** to complete the chain. This ensures that the resulting bundle is compatible with as many clients as possible.
 The related value for the `bundle_method` parameter when using the [API](/api/resources/custom_certificates/methods/create/) is `ubiquitous`.
 
 ### Modern

@@ -21,7 +21,7 @@ Cloudflare automatically sends email notifications 30 and 14 days before your cu
 
 When renewing a custom certificate, you can reuse a [previously generated CSR](/ssl/edge-certificates/additional-options/certificate-signing-requests/).
 
-If you are on an Enterprise plan and want to renew a custom (modern) certificate, consider requesting access to [Staging environment (Beta)](/ssl/edge-certificates/staging-environment/). 
+If you are on an Enterprise plan and want to renew a custom (modern) certificate, consider requesting access to [Staging environment (Beta)](/ssl/edge-certificates/staging-environment/).
 :::
 
 ## Expired certificates
@@ -37,7 +37,7 @@ Affected domains and subdomains will fall back to any other active certificate c
 All certificates in a [certificate pack](/ssl/edge-certificates/custom-certificates/#certificate-packs) are treated as one object.
 The expiration date of a certificate pack is equivalent to the soonest `Not After` date among the certificates in the pack.
 
-For example if you have a custom certificate made of an ECSDA and a RSA certificate, if one of them expires the whole pack will be removed. 
+For example if you have a custom certificate made of an ECSDA and a RSA certificate, if one of them expires the whole pack will be removed.
 :::
 
 ## Migrate to other certificate types