@cloudflare/workers-types 4.20260531.1 → 4.20260602.1

package/2021-11-03/index.d.ts

@@ -12844,6 +12844,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12864,6 +12890,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2021-11-03/index.ts

@@ -12861,6 +12861,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12881,6 +12907,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2022-01-31/index.d.ts

@@ -12911,6 +12911,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12931,6 +12957,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2022-01-31/index.ts

@@ -12928,6 +12928,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12948,6 +12974,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2022-03-21/index.d.ts

@@ -12920,6 +12920,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12940,6 +12966,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2022-03-21/index.ts

@@ -12937,6 +12937,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12957,6 +12983,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2022-08-04/index.d.ts

@@ -12921,6 +12921,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12941,6 +12967,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2022-08-04/index.ts

@@ -12938,6 +12938,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12958,6 +12984,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2022-10-31/index.d.ts

@@ -12941,6 +12941,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12961,6 +12987,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2022-10-31/index.ts

@@ -12958,6 +12958,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12978,6 +13004,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2022-11-30/index.d.ts

@@ -12946,6 +12946,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12966,6 +12992,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2022-11-30/index.ts

@@ -12963,6 +12963,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12983,6 +13009,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2023-03-01/index.d.ts

@@ -12952,6 +12952,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12972,6 +12998,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2023-03-01/index.ts

@@ -12969,6 +12969,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12989,6 +13015,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/2023-07-01/index.d.ts

@@ -12952,6 +12952,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12972,6 +12998,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/2023-07-01/index.ts

@@ -12969,6 +12969,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12989,6 +13015,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/experimental/index.d.ts

@@ -13653,6 +13653,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -13673,6 +13699,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/experimental/index.ts

@@ -13670,6 +13670,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -13690,6 +13716,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/index.d.ts

@@ -12844,6 +12844,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12864,6 +12890,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/index.ts

@@ -12861,6 +12861,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12881,6 +12907,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/latest/index.d.ts

@@ -12985,6 +12985,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -13005,6 +13031,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/latest/index.ts

@@ -13002,6 +13002,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -13022,6 +13048,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/oldest/index.d.ts

@@ -12844,6 +12844,32 @@ interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12864,6 +12890,10 @@ interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 declare type CertVerificationStatus =

package/oldest/index.ts

@@ -12861,6 +12861,32 @@ export interface IncomingRequestCfPropertiesTLSClientAuth {
    * @example "Dec 22 19:39:00 2018 GMT"
    */
   certNotAfter: string;
+  /**
+   * The client leaf certificate in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format (`:base64-DER:`). Empty if no client certificate was presented or if
+   * the leaf certificate exceeded 10 KB (see {@link certRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert` HTTP header.
+   */
+  certRFC9440: string;
+  /**
+   * `true` if the leaf certificate exceeded 10 KB and was omitted from
+   * {@link certRFC9440}.
+   */
+  certRFC9440TooLarge: boolean;
+  /**
+   * The intermediate certificate chain in [RFC 9440](https://www.rfc-editor.org/rfc/rfc9440)
+   * format as a comma-separated list. Empty if no intermediates were sent or
+   * if the chain exceeded 16 KB (see {@link certChainRFC9440TooLarge}).
+   *
+   * Suitable for forwarding to an origin via the `Client-Cert-Chain` HTTP header.
+   */
+  certChainRFC9440: string;
+  /**
+   * `true` if the intermediate chain exceeded 16 KB and was omitted from
+   * {@link certChainRFC9440}.
+   */
+  certChainRFC9440TooLarge: boolean;
 }
 /** Placeholder values for TLS Client Authorization */
 export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
@@ -12881,6 +12907,10 @@ export interface IncomingRequestCfPropertiesTLSClientAuthPlaceholder {
   certFingerprintSHA256: "";
   certNotBefore: "";
   certNotAfter: "";
+  certRFC9440: "";
+  certRFC9440TooLarge: false;
+  certChainRFC9440: "";
+  certChainRFC9440TooLarge: false;
 }
 /** Possible outcomes of TLS verification */
 export declare type CertVerificationStatus =

package/package.json

@@ -7,5 +7,5 @@
   },
   "author": "Cloudflare Workers DevProd Team <workers-devprod@cloudflare.com> (https://workers.cloudflare.com)",
   "license": "MIT OR Apache-2.0",
-  "version": "4.20260531.1"
+  "version": "4.20260602.1"
 }