Any update on revoking cert.pem for tunnel?

Greetings, everyone! :grinning:
So basically, Cloudflare Tunnel’s cert.pem cannot be revoked. After deleting Origin CA certificate and API token for tunnel, cert.pem is still valid.
Wouldn’t this be a security risk if cert.pem were accidentally leaked?:slightly_frowning_face:

The cert.pem origin certificate is valid for at least 10 years, and the service token it contains is valid until revoked.

Am I missing something?

Hello there, cert.pem is possible to revoke. There is a option to revoke it. Please check the Cloudflare dashboard.

Hi,
May I ask where is this “option”? I can’t find it.

This appears to be an ongoing issues. See the cloudflared repo:

They are not talking about an origin or client certificate. This is a certificate that is created when you are using cloudflared.

2 Likes

Thank you for the info.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.