Download origin cert dialog shows only cert, no private key

I generated an origin certificate & tried to download in PEM format. The download dialogue shows only the certificate, no private key. No ability to scroll past the cert, and looking at the page source the 2 divs that should contain the key information are empty. Checked in 2 browsers in case it was a browser incompatibility (Chrome & Firefox), but no joy. Is there a bug on the website?

Hi @seezee,

When you create the origin cert the private key is listed there, but Cloudflare doesn’t store it for retrieval later. You can create a new cert if you need one and use it. In the creation wizard you should see the key listed here.

Copy the contents of your private key below to your web server and set file permissions such that only your http server can access it. Additionally, you can optionally encrypt this file and provide a password to decrypt it during your origin web server startup. The private key data will not be stored at Cloudflare and will no longer be accessible once the creation is complete. Please make sure you have a local copy of this key.

4 Likes

When you create the origin cert the private key is listed there, but Cloudflare doesn’t store it for retrieval later. You can create a new cert if you need one and use it. In the creation wizard you should see the key listed here.

And yet they have this in the instructions:
**Save both the private key and certificate below to your web server.** To save, copy the contents of the boxes below and paste them into different files on your web server, e.g., example.com.pem and example.com.key. After saving, select your web server from the dropdown and click the “Show Instructions” button for an installation guide.

That is stupidly misleading to still add wording that makes it look like you should be able to see both

3 Likes

then why does the page still say Save both the private key and certificate below to your web server. ?

1 Like

Because we’re reusing components I’d imagine. Text should probably be updated, but the behavior is documented and correct during the creation process.

Copy the contents of your private key below to your web server and set file permissions such that only your http server can access it. Additionally, you can optionally encrypt this file and provide a password to decrypt it during your origin web server startup. The private key data will not be stored at Cloudflare and will no longer be accessible once the creation is complete. Please make sure you have a local copy of this key.

1 Like