get_certificate_status
Check SSL certificate status by providing certificate ID and provider name to verify domain security and validity.
Instructions
Get certificate status
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| certId | Yes | Certificate ID from list_certificates or create_certificate | |
| provider | Yes | Provider name (required) |
Implementation Reference
- src/tools/ssl.ts:17-21 (handler)Main handler function that orchestrates the get_certificate_status tool. Retrieves the provider from registry, validates SSL capability support via assertSsl guard, and delegates to the provider's getCertificateStatus method.
export async function handleGetCertificateStatus(input: { certId: string; provider: string }, registry: ProviderRegistry) { const provider = registry.get(input.provider); assertSsl(provider.name(), (f) => provider.supports(f)); return provider.getCertificateStatus(input.certId); } - src/server.ts:212-223 (registration)Tool registration with MCP server. Defines input schema using Zod (certId: string, provider: string), dynamically imports the handler, and wraps execution with error handling.
server.tool('get_certificate_status', 'Get certificate status', { certId: z.string().describe('Certificate ID from list_certificates or create_certificate'), provider: z.string().describe('Provider name (required)'), }, async (input) => { try { const { handleGetCertificateStatus } = await import('./tools/ssl.js'); const result = await handleGetCertificateStatus(input as { certId: string; provider: string }, registry); return { content: [{ type: 'text', text: JSON.stringify(result) }] }; } catch (err) { return { content: [{ type: 'text', text: formatErrorForAgent(err) }], isError: true }; } }); - src/providers/types.ts:100-100 (schema)Interface method signature defining the contract for getCertificateStatus. Part of the Provider interface that all SSL-capable providers must implement.
getCertificateStatus(certId: string): Promise<Certificate>; - Concrete Cloudflare provider implementation of getCertificateStatus. Parses the composite certId (format: zoneId:certId), validates format, calls client API, and maps response to Certificate type.
async getCertificateStatus(certId: string): Promise<Certificate> { // certId format: "zoneId:certId" — split on first colon only const sep = certId.indexOf(':'); const zoneId = sep !== -1 ? certId.substring(0, sep) : ''; const actualCertId = sep !== -1 ? certId.substring(sep + 1) : ''; if (!zoneId || !actualCertId) { throw new AgentError( 'INVALID_CERT_ID', `Invalid certificate ID format: '${certId}'. Expected format: 'zoneId:certId'.`, 'Use list_certificates to get valid certificate IDs.', 'cloudflare', ); } const cert = await this.client.getCertificateStatus(zoneId, actualCertId); return this.mapCertificate(cert, '', zoneId); } - src/tools/guards.ts:26-35 (helper)Validation helper used by the handler to verify SSL feature support. Throws AgentError if provider doesn't support SSL certificate management via API.
export function assertSsl(providerName: string, supports: (f: Feature) => boolean): void { if (!supports(Feature.SSL)) { throw new AgentError( 'FEATURE_NOT_SUPPORTED', `Provider '${providerName}' does not support SSL certificate management via API.`, 'Use Porkbun, Namecheap, or Cloudflare for SSL certificate management.', providerName, ); } }