OriginCA certificate create endpoint is returning invalid expires_on date

A POST request to https://api.cloudflare.com/client/v4/certificates returns invalid format in expires_on field.

    "id": "...235529760....",
    "certificate": "-----BEGIN CERTIFICATE-----\...n-----END CERTIFICATE-----\n",
    "expires_on": "2034-11-14 16:32:00 +0000 UTC",
    "request_type": "origin-rsa",
    "hostnames": [
    "csr": "-----BEGIN CERTIFICATE REQUEST-----\n....\n-----END CERTIFICATE REQUEST-----\n",
    "requested_validity": 5475

The API documentation specifies the expires_on examples as 2014-01-01T05:20:00.12345Z , which is not the case in production.

I wouldnt necessarily say “invalid” as the API actually does not really specify it, but rather suggests it via the example. Might be a bit nitpickish, but Cloudflare’s API generally is very “dynamic”.

The format suggested by the API is ISO 8601, whereas what you seem to have got is a slight variation of RFC 3339, which in turn is a profile of 8601.
Any decent date parser should actually be able to handle that smoothly :slight_smile:

Well, the GoLang parser is having troubles with it. Which is why the cloudflare.CreateOriginCertificate function always fails.

Cloudflare’s own code? Well, thats a bit embarrassing :wink:
I guess they should fix their JSON parsing.

There actually is an open issue for that at JSON Unmarshall error when using CreateOriginCertificate · Issue #190 · cloudflare/cloudflare-go · GitHub