diff --git a/docs/resources/cdn.md b/docs/resources/cdn.md
index 0ec013c..90d7730 100644
--- a/docs/resources/cdn.md
+++ b/docs/resources/cdn.md
@@ -156,3 +156,15 @@ Optional:
 - `port` (Number)
 - `protocol` (String)
 - `query_key` (String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import cdn77_cdn.example <id>
+
+# <id> must be the ID (unsigned integer) of the CDN
+# Example:
+$ terraform import cdn77_cdn.example 1837865409
+```
diff --git a/docs/resources/origin.md b/docs/resources/origin.md
index 47785f3..fc6cd08 100644
--- a/docs/resources/origin.md
+++ b/docs/resources/origin.md
@@ -48,3 +48,36 @@ resource "cdn77_origin" "example" {
 - `access_key_id` (String) Access key to your Object Storage bucket
 - `access_key_secret` (String, Sensitive) Access secret to your Object Storage bucket
 - `id` (String) Origin ID (UUID)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import cdn77_origin.example <id>,<type>[,type-specific parameters,...]
+
+# <id> must be the ID (UUID) of the Origin
+# <type> must be a type of the Origin (one of: "aws", "object-storage", "url")
+# Depending on the type of the origin there may be other required parameters:
+
+# URL type doesn't need other parameters
+$ terraform import cdn77_origin.example <id>,url
+
+# AWS type requires access key secret
+# <aws_access_key_secret> must be the secret of the AWS access key that you provided when creating the Origin
+$ terraform import cdn77_origin.example <id>,aws,<aws_access_key_secret>
+
+# Object Storage type requires ACL, cluster ID, access key ID and access key secret
+# <acl> must be ACL type (one of: "authenticated-read", "private", "public-read", "public-read-write")
+# <cluster_id> must be an ID (UUID) of the Object Storage cluster
+# <access_key_id> must be the ID of the access key that was returned when creating the Origin
+# <access_key_secret> must be the secret of the access key that was returned when creating the Origin
+$ terraform import cdn77_origin.example <id>,object-storage,<acl>,<cluster_id>,<access_key_id>,<access_key_secret>
+
+# Examples:
+$ terraform import cdn77_origin.example_url 4cd2378b-dec8-49e2-aa17-bf7561452998,url
+$ terraform import cdn77_origin.example_aws 4cd2378b-dec8-49e2-aa17-bf7561452998,aws,\
+VWK92izmd7zpY8Khs/Dllv4yLYc4sFWNyg2XtuNF
+$ terraform import cdn77_origin.example_object_storage 4cd2378b-dec8-49e2-aa17-bf7561452998,object-storage,\
+private,842b5641-b641-4723-ac81-f8cc286e288f,I17DXFE00GNJZVQUTQPW,7UG7WbcIz4VhZnVxV4XQcDR2X0APApuvthyATf2v
+```
diff --git a/docs/resources/ssl.md b/docs/resources/ssl.md
index bb39550..55ea725 100644
--- a/docs/resources/ssl.md
+++ b/docs/resources/ssl.md
@@ -32,3 +32,24 @@ resource "cdn77_ssl" "example" {
 - `expires_at` (String) Date and time of the SNI certificate expiration
 - `id` (String) ID (UUID) of the SSL certificate
 - `subjects` (Set of String) Subjects (domain names) of the certificate
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+$ terraform import cdn77_ssl.example <id>,<private_key>
+
+# <id> must be the ID (UUID) of the SSL certificate
+# <privateKey> must be an entire private key (including PEM headers) encoded via base64.
+# Example:
+$ key=$(base64 --wrap=0 key.pem <<EOL
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIHqBB2YZkISl1T5TmmZciLN4cJfJPZ6CDpkLgwTiDVyEoAoGCCqGSM49
+AwEHoUQDQgAE+lmT51fh5oPIAvtPOEvDw4Ct2sKCt1kYhASlD5b62pT2UyXPrRWp
+ekd7UQCYC8K86F1OFeupn2DCOnyGCyK8mw==
+-----END EC PRIVATE KEY-----
+EOL
+)
+$ terraform import cdn77_ssl.example "4cd2378b-dec8-49e2-aa17-bf7561452998,$key"
+```
diff --git a/examples/resources/cdn77_cdn/import.sh b/examples/resources/cdn77_cdn/import.sh
new file mode 100644
index 0000000..a0a63fb
--- /dev/null
+++ b/examples/resources/cdn77_cdn/import.sh
@@ -0,0 +1,5 @@
+$ terraform import cdn77_cdn.example <id>
+
+# <id> must be the ID (unsigned integer) of the CDN
+# Example:
+$ terraform import cdn77_cdn.example 1837865409
diff --git a/examples/resources/cdn77_origin/import.sh b/examples/resources/cdn77_origin/import.sh
new file mode 100644
index 0000000..3e4a5f9
--- /dev/null
+++ b/examples/resources/cdn77_origin/import.sh
@@ -0,0 +1,26 @@
+$ terraform import cdn77_origin.example <id>,<type>[,type-specific parameters,...]
+
+# <id> must be the ID (UUID) of the Origin
+# <type> must be a type of the Origin (one of: "aws", "object-storage", "url")
+# Depending on the type of the origin there may be other required parameters:
+
+# URL type doesn't need other parameters
+$ terraform import cdn77_origin.example <id>,url
+
+# AWS type requires access key secret
+# <aws_access_key_secret> must be the secret of the AWS access key that you provided when creating the Origin
+$ terraform import cdn77_origin.example <id>,aws,<aws_access_key_secret>
+
+# Object Storage type requires ACL, cluster ID, access key ID and access key secret
+# <acl> must be ACL type (one of: "authenticated-read", "private", "public-read", "public-read-write")
+# <cluster_id> must be an ID (UUID) of the Object Storage cluster
+# <access_key_id> must be the ID of the access key that was returned when creating the Origin
+# <access_key_secret> must be the secret of the access key that was returned when creating the Origin
+$ terraform import cdn77_origin.example <id>,object-storage,<acl>,<cluster_id>,<access_key_id>,<access_key_secret>
+
+# Examples:
+$ terraform import cdn77_origin.example_url 4cd2378b-dec8-49e2-aa17-bf7561452998,url
+$ terraform import cdn77_origin.example_aws 4cd2378b-dec8-49e2-aa17-bf7561452998,aws,\
+VWK92izmd7zpY8Khs/Dllv4yLYc4sFWNyg2XtuNF
+$ terraform import cdn77_origin.example_object_storage 4cd2378b-dec8-49e2-aa17-bf7561452998,object-storage,\
+private,842b5641-b641-4723-ac81-f8cc286e288f,I17DXFE00GNJZVQUTQPW,7UG7WbcIz4VhZnVxV4XQcDR2X0APApuvthyATf2v
diff --git a/examples/resources/cdn77_ssl/import.sh b/examples/resources/cdn77_ssl/import.sh
new file mode 100644
index 0000000..e51fac4
--- /dev/null
+++ b/examples/resources/cdn77_ssl/import.sh
@@ -0,0 +1,14 @@
+$ terraform import cdn77_ssl.example <id>,<private_key>
+
+# <id> must be the ID (UUID) of the SSL certificate
+# <privateKey> must be an entire private key (including PEM headers) encoded via base64.
+# Example:
+$ key=$(base64 --wrap=0 key.pem <<EOL
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIHqBB2YZkISl1T5TmmZciLN4cJfJPZ6CDpkLgwTiDVyEoAoGCCqGSM49
+AwEHoUQDQgAE+lmT51fh5oPIAvtPOEvDw4Ct2sKCt1kYhASlD5b62pT2UyXPrRWp
+ekd7UQCYC8K86F1OFeupn2DCOnyGCyK8mw==
+-----END EC PRIVATE KEY-----
+EOL
+)
+$ terraform import cdn77_ssl.example "4cd2378b-dec8-49e2-aa17-bf7561452998,$key"
diff --git a/go.mod b/go.mod
index 6203f0d..4a26e37 100644
--- a/go.mod
+++ b/go.mod
@@ -6,13 +6,13 @@ require (
 	github.com/cdn77/cdn77-client-go v1.0.0
 	github.com/google/uuid v1.6.0
 	github.com/hashicorp/terraform-plugin-docs v0.19.4
-	github.com/hashicorp/terraform-plugin-framework v1.9.0
-	github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
+	github.com/hashicorp/terraform-plugin-framework v1.10.0
+	github.com/hashicorp/terraform-plugin-framework-validators v0.13.0
 	github.com/hashicorp/terraform-plugin-go v0.23.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
-	github.com/hashicorp/terraform-plugin-testing v1.8.0
+	github.com/hashicorp/terraform-plugin-testing v1.9.0
 	github.com/oapi-codegen/nullable v1.1.0
-	golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8
+	golang.org/x/exp v0.0.0-20240707233637-46b078467d37
 )
 
 require (
@@ -31,7 +31,7 @@ require (
 	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/deepmap/oapi-codegen/v2 v2.2.0 // indirect
 	github.com/fatih/color v1.16.0 // indirect
-	github.com/getkin/kin-openapi v0.125.0 // indirect
+	github.com/getkin/kin-openapi v0.126.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
@@ -47,11 +47,11 @@ require (
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/go-version v1.7.0 // indirect
 	github.com/hashicorp/hc-install v0.7.0 // indirect
-	github.com/hashicorp/hcl/v2 v2.20.1 // indirect
+	github.com/hashicorp/hcl/v2 v2.21.0 // indirect
 	github.com/hashicorp/logutils v1.0.0 // indirect
 	github.com/hashicorp/terraform-exec v0.21.0 // indirect
 	github.com/hashicorp/terraform-json v0.22.1 // indirect
-	github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 // indirect
+	github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0 // indirect
 	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect
@@ -82,13 +82,13 @@ require (
 	github.com/yuin/goldmark-meta v1.1.0 // indirect
 	github.com/zclconf/go-cty v1.14.4 // indirect
 	go.abhg.dev/goldmark/frontmatter v0.2.0 // indirect
-	golang.org/x/crypto v0.24.0 // indirect
-	golang.org/x/mod v0.18.0 // indirect
-	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.21.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
-	golang.org/x/tools v0.22.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de // indirect
 	google.golang.org/grpc v1.63.2 // indirect
diff --git a/go.sum b/go.sum
index b2c4bd9..1585e63 100644
--- a/go.sum
+++ b/go.sum
@@ -49,8 +49,8 @@ github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
 github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
 github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE=
 github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps=
-github.com/getkin/kin-openapi v0.125.0 h1:jyQCyf2qXS1qvs2U00xQzkGCqYPhEhZDmSmVt65fXno=
-github.com/getkin/kin-openapi v0.125.0/go.mod h1:wb1aSZA/iWmorQP9KTAS/phLj/t17B5jT7+fS8ed9NM=
+github.com/getkin/kin-openapi v0.126.0 h1:c2cSgLnAsS0xYfKsgt5oBV6MYRM/giU8/RtwUY4wyfY=
+github.com/getkin/kin-openapi v0.126.0/go.mod h1:7mONz8IwmSRg6RttPu6v8U/OJ+gr+J99qSFNjPGSQqw=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
 github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU=
@@ -103,8 +103,8 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe
 github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
 github.com/hashicorp/hc-install v0.7.0 h1:Uu9edVqjKQxxuD28mR5TikkKDd/p55S8vzPC1659aBk=
 github.com/hashicorp/hc-install v0.7.0/go.mod h1:ELmmzZlGnEcqoUMKUuykHaPCIR1sYLYX+KSggWSKZuA=
-github.com/hashicorp/hcl/v2 v2.20.1 h1:M6hgdyz7HYt1UN9e61j+qKJBqR3orTWbI1HKBJEdxtc=
-github.com/hashicorp/hcl/v2 v2.20.1/go.mod h1:TZDqQ4kNKCbh1iJp99FdPiUaVDDUPivbqxZulxDYqL4=
+github.com/hashicorp/hcl/v2 v2.21.0 h1:lve4q/o/2rqwYOgUg3y3V2YPyD1/zkCLGjIV74Jit14=
+github.com/hashicorp/hcl/v2 v2.21.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
 github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y=
 github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
 github.com/hashicorp/terraform-exec v0.21.0 h1:uNkLAe95ey5Uux6KJdua6+cv8asgILFVWkd/RG0D2XQ=
@@ -113,18 +113,18 @@ github.com/hashicorp/terraform-json v0.22.1 h1:xft84GZR0QzjPVWs4lRUwvTcPnegqlyS7
 github.com/hashicorp/terraform-json v0.22.1/go.mod h1:JbWSQCLFSXFFhg42T7l9iJwdGXBYV8fmmD6o/ML4p3A=
 github.com/hashicorp/terraform-plugin-docs v0.19.4 h1:G3Bgo7J22OMtegIgn8Cd/CaSeyEljqjH3G39w28JK4c=
 github.com/hashicorp/terraform-plugin-docs v0.19.4/go.mod h1:4pLASsatTmRynVzsjEhbXZ6s7xBlUw/2Kt0zfrq8HxA=
-github.com/hashicorp/terraform-plugin-framework v1.9.0 h1:caLcDoxiRucNi2hk8+j3kJwkKfvHznubyFsJMWfZqKU=
-github.com/hashicorp/terraform-plugin-framework v1.9.0/go.mod h1:qBXLDn69kM97NNVi/MQ9qgd1uWWsVftGSnygYG1tImM=
-github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 h1:HOjBuMbOEzl7snOdOoUfE2Jgeto6JOjLVQ39Ls2nksc=
-github.com/hashicorp/terraform-plugin-framework-validators v0.12.0/go.mod h1:jfHGE/gzjxYz6XoUwi/aYiiKrJDeutQNUtGQXkaHklg=
+github.com/hashicorp/terraform-plugin-framework v1.10.0 h1:xXhICE2Fns1RYZxEQebwkB2+kXouLC932Li9qelozrc=
+github.com/hashicorp/terraform-plugin-framework v1.10.0/go.mod h1:qBXLDn69kM97NNVi/MQ9qgd1uWWsVftGSnygYG1tImM=
+github.com/hashicorp/terraform-plugin-framework-validators v0.13.0 h1:bxZfGo9DIUoLLtHMElsu+zwqI4IsMZQBRRy4iLzZJ8E=
+github.com/hashicorp/terraform-plugin-framework-validators v0.13.0/go.mod h1:wGeI02gEhj9nPANU62F2jCaHjXulejm/X+af4PdZaNo=
 github.com/hashicorp/terraform-plugin-go v0.23.0 h1:AALVuU1gD1kPb48aPQUjug9Ir/125t+AAurhqphJ2Co=
 github.com/hashicorp/terraform-plugin-go v0.23.0/go.mod h1:1E3Cr9h2vMlahWMbsSEcNrOCxovCZhOOIXjFHbjc/lQ=
 github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0=
 github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow=
-github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 h1:qHprzXy/As0rxedphECBEQAh3R4yp6pKksKHcqZx5G8=
-github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0/go.mod h1:H+8tjs9TjV2w57QFVSMBQacf8k/E1XwLXGCARgViC6A=
-github.com/hashicorp/terraform-plugin-testing v1.8.0 h1:wdYIgwDk4iO933gC4S8KbKdnMQShu6BXuZQPScmHvpk=
-github.com/hashicorp/terraform-plugin-testing v1.8.0/go.mod h1:o2kOgf18ADUaZGhtOl0YCkfIxg01MAiMATT2EtIHlZk=
+github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0 h1:kJiWGx2kiQVo97Y5IOGR4EMcZ8DtMswHhUuFibsCQQE=
+github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0/go.mod h1:sl/UoabMc37HA6ICVMmGO+/0wofkVIRxf+BMb/dnoIg=
+github.com/hashicorp/terraform-plugin-testing v1.9.0 h1:xOsQRqqlHKXpFq6etTxih3ubdK3HVDtfE1IY7Rpd37o=
+github.com/hashicorp/terraform-plugin-testing v1.9.0/go.mod h1:fhhVx/8+XNJZTD5o3b4stfZ6+q7z9+lIWigIYdT6/44=
 github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI=
 github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM=
 github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ=
@@ -234,27 +234,27 @@ github.com/yuin/goldmark-meta v1.1.0 h1:pWw+JLHGZe8Rk0EGsMVssiNb/AaPMHfSRszZeUei
 github.com/yuin/goldmark-meta v1.1.0/go.mod h1:U4spWENafuA7Zyg+Lj5RqK/MF+ovMYtBvXi1lBb2VP0=
 github.com/zclconf/go-cty v1.14.4 h1:uXXczd9QDGsgu0i/QFR/hzI5NYCHLf6NQw/atrbnhq8=
 github.com/zclconf/go-cty v1.14.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
-github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI=
-github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
+github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo=
+github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM=
 go.abhg.dev/goldmark/frontmatter v0.2.0 h1:P8kPG0YkL12+aYk2yU3xHv4tcXzeVnN+gU0tJ5JnxRw=
 go.abhg.dev/goldmark/frontmatter v0.2.0/go.mod h1:XqrEkZuM57djk7zrlRUB02x8I5J0px76YjkOzhB4YlU=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
-golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
-golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
-golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8 h1:yixxcjnhBmY0nkL253HFVIm0JsFHwrHdT3Yh6szTnfY=
-golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8/go.mod h1:jj3sYF3dwk5D+ghuXyeI3r5MFf+NT2An6/9dOA95KSI=
+golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
+golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
+golang.org/x/exp v0.0.0-20240707233637-46b078467d37 h1:uLDX+AfeFCct3a2C7uIWBKMJIR3CJMhcgfrUAqjRK6w=
+golang.org/x/exp v0.0.0-20240707233637-46b078467d37/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0=
-golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8=
+golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
-golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
+golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
+golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -273,8 +273,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
-golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
@@ -289,8 +289,8 @@ golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA=
-golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c=
+golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg=
+golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
diff --git a/internal/provider/cdn_resource.go b/internal/provider/cdn_resource.go
index c544c79..1ea03d8 100644
--- a/internal/provider/cdn_resource.go
+++ b/internal/provider/cdn_resource.go
@@ -2,6 +2,8 @@ package provider
 
 import (
 	"context"
+	"fmt"
+	"strconv"
 	"time"
 
 	"github.com/cdn77/cdn77-client-go"
@@ -16,6 +18,7 @@ import (
 var (
 	_ resource.ResourceWithConfigure        = &CdnResource{}
 	_ resource.ResourceWithConfigValidators = &CdnResource{}
+	_ resource.ResourceWithImportState      = &CdnResource{}
 )
 
 func NewCdnResource() resource.Resource {
@@ -185,6 +188,24 @@ func (r *CdnResource) Delete(ctx context.Context, req resource.DeleteRequest, re
 	util.CheckResponse(&resp.Diagnostics, errMessage, response, response.JSON404, response.JSONDefault)
 }
 
+func (*CdnResource) ImportState(
+	ctx context.Context,
+	req resource.ImportStateRequest,
+	resp *resource.ImportStateResponse,
+) {
+	id, err := strconv.ParseUint(req.ID, 10, 64)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Invalid Import Identifier",
+			fmt.Sprintf("Expected unsigned integer, got: %q", req.ID),
+		)
+
+		return
+	}
+
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("id"), id)...)
+}
+
 func (*CdnResource) createDefaultEditRequest() cdn77.CdnEditJSONRequestBody {
 	return cdn77.CdnEditJSONRequestBody{
 		Cache: &cdn77.Cache{
diff --git a/internal/provider/cdn_resource_test.go b/internal/provider/cdn_resource_test.go
index fe48a1a..af3b863 100644
--- a/internal/provider/cdn_resource_test.go
+++ b/internal/provider/cdn_resource_test.go
@@ -514,12 +514,47 @@ func TestAccCdnResource(t *testing.T) {
 	})
 }
 
+func TestAccCdnResourceImport(t *testing.T) {
+	client := acctest.GetClient(t)
+	rsc := "cdn77_cdn.lorem"
+	var cdnId string
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
+		CheckDestroy: func(state *terraform.State) error {
+			return errors.Join(checkCdnsDestroyed(client)(state), checkOriginsDestroyed(client)(state))
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: OriginResourceConfig + `resource "cdn77_cdn" "lorem" {
+					origin_id = cdn77_origin.url.id
+					label = "my cdn"
+					note = "custom note"
+				}`,
+				Check: resource.TestCheckResourceAttrWith(rsc, "id", func(value string) (err error) {
+					cdnId = value
+
+					return nil
+				}),
+			},
+			{
+				ResourceName: rsc,
+				ImportState:  true,
+				ImportStateIdFunc: func(*terraform.State) (string, error) {
+					return cdnId, nil
+				},
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func checkCdn(
 	client cdn77.ClientWithResponsesInterface,
 	cdnId *int,
 	fn func(o *cdn77.Cdn) error,
 ) func(*terraform.State) error {
-	return func(_ *terraform.State) error {
+	return func(*terraform.State) error {
 		response, err := client.CdnDetailWithResponse(context.Background(), *cdnId)
 		message := fmt.Sprintf("failed to get CDN[id=%d]: %%s", *cdnId)
 
diff --git a/internal/provider/object_storages_data_source_test.go b/internal/provider/object_storages_data_source_test.go
index a1dfa11..e06dd38 100644
--- a/internal/provider/object_storages_data_source_test.go
+++ b/internal/provider/object_storages_data_source_test.go
@@ -43,4 +43,9 @@ func TestAccObjectStoragesDataSource_All(t *testing.T) {
 const objectStoragesDataSourceConfig = `
 data "cdn77_object_storages" "all" {
 }
+
+locals {
+	eu_cluster_id = one([for os in data.cdn77_object_storages.all.clusters : os.id if os.label == "EU"])
+	us_cluster_id = one([for os in data.cdn77_object_storages.all.clusters : os.id if os.label == "US"])
+}
 `
diff --git a/internal/provider/origin_resource.go b/internal/provider/origin_resource.go
index 0d42cf0..528a876 100644
--- a/internal/provider/origin_resource.go
+++ b/internal/provider/origin_resource.go
@@ -4,10 +4,12 @@ import (
 	"context"
 	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/cdn77/cdn77-client-go"
 	"github.com/cdn77/terraform-provider-cdn77/internal/util"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
 	"github.com/hashicorp/terraform-plugin-framework/types"
@@ -17,6 +19,7 @@ import (
 var (
 	_ resource.ResourceWithConfigure        = &OriginResource{}
 	_ resource.ResourceWithConfigValidators = &OriginResource{}
+	_ resource.ResourceWithImportState      = &OriginResource{}
 )
 
 func NewOriginResource() resource.Resource {
@@ -145,6 +148,72 @@ func (r *OriginResource) Delete(ctx context.Context, req resource.DeleteRequest,
 	}
 }
 
+func (*OriginResource) ImportState(
+	ctx context.Context,
+	req resource.ImportStateRequest,
+	resp *resource.ImportStateResponse,
+) {
+	idParts := strings.Split(req.ID, ",")
+	if len(idParts) < 2 {
+		resp.Diagnostics.AddError(
+			"Invalid Import Identifier",
+			fmt.Sprintf(
+				`Expected one of: \n\t"<id>,url"\n\t"<id>,aws,<aws_access_key_secret>" \n\t`+
+					`"<id>,object-storage,<acl>,<cluster_id>,<access_key_id>,<access_key_secret>")\nGot: %q`,
+				req.ID,
+			),
+		)
+	}
+
+	id := idParts[0]
+	originType := idParts[1]
+
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("id"), id)...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("type"), originType)...)
+
+	switch originType {
+	case OriginTypeAws:
+		if len(idParts) != 3 {
+			resp.Diagnostics.AddError(
+				"Invalid AWS Origin Import Identifier",
+				fmt.Sprintf(`Expected "<id>,aws,<aws_access_key_secret>"; got: %q`, req.ID),
+			)
+
+			return
+		}
+
+		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("aws_access_key_secret"), idParts[2])...)
+	case OriginTypeObjectStorage:
+		if len(idParts) != 6 {
+			resp.Diagnostics.AddError(
+				"Invalid Object Storage Origin Import Identifier",
+				fmt.Sprintf(
+					`Expected "<id>,object-storage,<acl>,<cluster_id>,<access_key_id>,<access_key_secret>"; got: %q`,
+					req.ID,
+				),
+			)
+
+			return
+		}
+
+		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("acl"), idParts[2])...)
+		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("cluster_id"), idParts[3])...)
+		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("access_key_id"), idParts[4])...)
+		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("access_key_secret"), idParts[5])...)
+	case OriginTypeUrl:
+		if len(idParts) != 2 {
+			resp.Diagnostics.AddError(
+				"Invalid URL Origin Import Identifier",
+				fmt.Sprintf(`Expected "<id>,url"; got: %q`, req.ID),
+			)
+
+			return
+		}
+	default:
+		addUnknownOriginTypeError(&resp.Diagnostics, OriginModel{Type: types.StringValue(originType)})
+	}
+}
+
 func (r *OriginResource) createAws(
 	ctx context.Context,
 	diags *diag.Diagnostics,
diff --git a/internal/provider/origin_resource_test.go b/internal/provider/origin_resource_test.go
index ea9b6ef..980291e 100644
--- a/internal/provider/origin_resource_test.go
+++ b/internal/provider/origin_resource_test.go
@@ -244,6 +244,44 @@ func TestAccOriginResource_Aws(t *testing.T) {
 	})
 }
 
+func TestAccOriginResourceImport_Aws(t *testing.T) {
+	client := acctest.GetClient(t)
+	rsc := "cdn77_origin.aws"
+	var originId string
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
+		CheckDestroy:             checkOriginsDestroyed(client),
+		Steps: []resource.TestStep{
+			{
+				Config: `resource "cdn77_origin" "aws" {
+					type = "aws"
+					label = "some label"
+					note = "some note"
+					aws_access_key_id = "keyid"
+					aws_access_key_secret = "keysecret"
+					aws_region = "eu"
+					scheme = "http"
+					host = "my-totally-random-custom-host.com"
+				}`,
+				Check: resource.TestCheckResourceAttrWith(rsc, "id", func(value string) error {
+					originId = value
+
+					return acctest.NotEqual(value, "")
+				}),
+			},
+			{
+				ResourceName: rsc,
+				ImportState:  true,
+				ImportStateIdFunc: func(*terraform.State) (string, error) {
+					return fmt.Sprintf("%s,aws,keysecret", originId), nil
+				},
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccOriginResource_ObjectStorage(t *testing.T) {
 	client := acctest.GetClient(t)
 	bucketName := "my-bucket-" + uuid.New().String()
@@ -251,16 +289,6 @@ func TestAccOriginResource_ObjectStorage(t *testing.T) {
 	var originId string
 	var clusterId string
 
-	const objectStoragesDataSourceConfig = `
-		data "cdn77_object_storages" "all" {
-		}
-
-		locals {
-			eu_cluster_id = one([for os in data.cdn77_object_storages.all.clusters : os.id if os.label == "EU"])
-			us_cluster_id = one([for os in data.cdn77_object_storages.all.clusters : os.id if os.label == "US"])
-		}
-	`
-
 	resource.Test(t, resource.TestCase{
 		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
 		CheckDestroy:             checkOriginsDestroyed(client),
@@ -598,6 +626,63 @@ func TestAccOriginResource_ObjectStorage(t *testing.T) {
 	})
 }
 
+func TestAccOriginResourceImport_ObjectStorage(t *testing.T) {
+	client := acctest.GetClient(t)
+	rsc := "cdn77_origin.os"
+	bucketName := "my-bucket-" + uuid.New().String()
+	var originId, clusterId, accessKeyId, accessKeySecret string
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
+		CheckDestroy:             checkOriginsDestroyed(client),
+		Steps: []resource.TestStep{
+			{
+				Config: acctest.Config(objectStoragesDataSourceConfig+`resource "cdn77_origin" "os" {
+					type = "object-storage"
+					label = "some label"
+					note = "some note"
+					acl = "private"
+					cluster_id = local.eu_cluster_id
+					bucket_name = "{bucketName}"
+				}`, "bucketName", bucketName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttrWith(rsc, "id", func(value string) error {
+						originId = value
+
+						return acctest.NotEqual(value, "")
+					}),
+					resource.TestCheckResourceAttrWith(rsc, "cluster_id", func(value string) error {
+						clusterId = value
+
+						return acctest.NotEqual(value, "")
+					}),
+					resource.TestCheckResourceAttrWith(rsc, "access_key_id", func(value string) error {
+						accessKeyId = value
+
+						return acctest.NotEqual(value, "")
+					}),
+					resource.TestCheckResourceAttrWith(rsc, "access_key_secret", func(value string) error {
+						accessKeySecret = value
+
+						return acctest.NotEqual(value, "")
+					}),
+				),
+			},
+			{
+				ResourceName: rsc,
+				ImportState:  true,
+				ImportStateIdFunc: func(*terraform.State) (string, error) {
+					return fmt.Sprintf(
+						"%s,object-storage,private,%s,%s,%s",
+						originId, clusterId, accessKeyId, accessKeySecret,
+					), nil
+				},
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccOriginResource_Url(t *testing.T) {
 	client := acctest.GetClient(t)
 	var originId string
@@ -821,12 +906,47 @@ func TestAccOriginResource_Url(t *testing.T) {
 	})
 }
 
+func TestAccOriginResourceImport_Url(t *testing.T) {
+	client := acctest.GetClient(t)
+	rsc := "cdn77_origin.url"
+	var originId string
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
+		CheckDestroy:             checkOriginsDestroyed(client),
+		Steps: []resource.TestStep{
+			{
+				Config: `resource "cdn77_origin" "url" {
+					type = "url"
+					label = "some label"
+					note = "some note"
+					scheme = "http"
+					host = "my-totally-random-custom-host.com"
+				}`,
+				Check: resource.TestCheckResourceAttrWith(rsc, "id", func(value string) error {
+					originId = value
+
+					return acctest.NotEqual(value, "")
+				}),
+			},
+			{
+				ResourceName: rsc,
+				ImportState:  true,
+				ImportStateIdFunc: func(*terraform.State) (string, error) {
+					return fmt.Sprintf("%s,url", originId), nil
+				},
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func checkAwsOrigin(
 	client cdn77.ClientWithResponsesInterface,
 	originId *string,
 	fn func(o *cdn77.S3OriginDetail) error,
 ) func(*terraform.State) error {
-	return func(_ *terraform.State) error {
+	return func(*terraform.State) error {
 		response, err := client.OriginDetailAwsWithResponse(context.Background(), *originId)
 		message := fmt.Sprintf("failed to get Origin[id=%s]: %%s", *originId)
 
@@ -843,7 +963,7 @@ func checkObjectStorageOrigin(
 	originId *string,
 	fn func(o *cdn77.ObjectStorageOriginDetail) error,
 ) func(*terraform.State) error {
-	return func(_ *terraform.State) error {
+	return func(*terraform.State) error {
 		response, err := client.OriginDetailObjectStorageWithResponse(context.Background(), *originId)
 		message := fmt.Sprintf("failed to get Origin[id=%s]: %%s", *originId)
 
@@ -860,7 +980,7 @@ func checkUrlOrigin(
 	originId *string,
 	fn func(o *cdn77.UrlOriginDetail) error,
 ) func(*terraform.State) error {
-	return func(_ *terraform.State) error {
+	return func(*terraform.State) error {
 		response, err := client.OriginDetailUrlWithResponse(context.Background(), *originId)
 		message := fmt.Sprintf("failed to get Origin[id=%s]: %%s", *originId)
 
diff --git a/internal/provider/ssl_resource.go b/internal/provider/ssl_resource.go
index 9dcb898..5824922 100644
--- a/internal/provider/ssl_resource.go
+++ b/internal/provider/ssl_resource.go
@@ -2,14 +2,21 @@ package provider
 
 import (
 	"context"
+	"encoding/base64"
+	"fmt"
+	"strings"
 
 	"github.com/cdn77/cdn77-client-go"
 	"github.com/cdn77/terraform-provider-cdn77/internal/util"
+	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 )
 
-var _ resource.ResourceWithConfigure = &SslResource{}
+var (
+	_ resource.ResourceWithConfigure   = &SslResource{}
+	_ resource.ResourceWithImportState = &SslResource{}
+)
 
 func NewSslResource() resource.Resource {
 	return &SslResource{}
@@ -132,3 +139,38 @@ func (r *SslResource) Delete(ctx context.Context, req resource.DeleteRequest, re
 		return
 	}
 }
+
+func (*SslResource) ImportState(
+	ctx context.Context,
+	req resource.ImportStateRequest,
+	resp *resource.ImportStateResponse,
+) {
+	idParts := strings.Split(req.ID, ",")
+
+	if len(idParts) != 2 || idParts[0] == "" || idParts[1] == "" {
+		resp.Diagnostics.AddError(
+			"Unexpected Import Identifier",
+			fmt.Sprintf(
+				"Expected import identifier with format: <id>,<privateKey>. "+
+					"<privateKey> must be the whole PEM file (including headers) encoded via base64. Got: %q",
+				req.ID,
+			),
+		)
+
+		return
+	}
+
+	id, privateKeyBase64 := idParts[0], idParts[1]
+
+	privateKey, err := base64.StdEncoding.DecodeString(privateKeyBase64)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Invalid Private Key",
+			"Private Key must be base64 encoded key (including the PEM headers)")
+
+		return
+	}
+
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("id"), id)...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("private_key"), string(privateKey))...)
+}
diff --git a/internal/provider/ssl_resource_test.go b/internal/provider/ssl_resource_test.go
index 71b086c..0da8e74 100644
--- a/internal/provider/ssl_resource_test.go
+++ b/internal/provider/ssl_resource_test.go
@@ -2,6 +2,7 @@ package provider_test
 
 import (
 	"context"
+	"encoding/base64"
 	"errors"
 	"fmt"
 	"sort"
@@ -91,12 +92,41 @@ func TestAccSslResource(t *testing.T) {
 	})
 }
 
+func TestAccSslResourceImport(t *testing.T) {
+	client := acctest.GetClient(t)
+	rsc := "cdn77_ssl.crt"
+	var sslId string
+
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: acctest.GetProviderFactories(),
+		CheckDestroy:             checkSslsDestroyed(client),
+		Steps: []resource.TestStep{
+			{
+				Config: acctest.Config(SslResourceConfig, "cert", sslTestCert1, "key", sslTestKey),
+				Check: resource.TestCheckResourceAttrWith(rsc, "id", func(value string) error {
+					sslId = value
+
+					return acctest.NotEqual(value, "")
+				}),
+			},
+			{
+				ResourceName:      rsc,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateIdFunc: func(*terraform.State) (string, error) {
+					return fmt.Sprintf("%s,%s", sslId, base64.StdEncoding.EncodeToString([]byte(sslTestKey))), nil
+				},
+			},
+		},
+	})
+}
+
 func checkSsl(
 	client cdn77.ClientWithResponsesInterface,
 	sslId *string,
 	fn func(o *cdn77.Ssl) error,
 ) func(*terraform.State) error {
-	return func(_ *terraform.State) error {
+	return func(*terraform.State) error {
 		response, err := client.SslSniDetailWithResponse(context.Background(), *sslId)
 		message := fmt.Sprintf("failed to get SSL[id=%s]: %%s", *sslId)