Problems setting up Cloudflare on rasp pi


I have a headless rasp pi on my home network that I want to use Cloudflare with so that I can host some simple websites using the pi.

I have spent all yesterday trying to get cloudflare going - via the usual route, I get to the point where I input

‘cloudflare login’

which generates a URL. I put the URL into a browser on the pi (via VNC) and select the website I have registered with Cloudflare. I get the pop-up for authenticate, hit the button and get the message that a certificate has been installed.

Trying to create a tunnel doesn’t work as the certificate can’t be found.
I can’t find the certificate on the pi manually either.

I have followed the instructions in the Cloudflare documentation to manually create a certificate. This generates a certificate, but if I then try to create a tunnel, I get the message that there is missing token in the certificate (I filled in all the fields requested).

I’ve been trying to get ChatGPT to help, but that takes me round in circles - I suspect Cloudflare has updated its procedures since ChatGPT got a look in.

Stumped! Can anyone suggest a way forward?


Actually, my problem is very similar to the one here

I followed that poster’s suggesting to change the pi’s DNS server address to but it hasn’t fixed the problem.

Does the user you are running Cloudflared as have the required permissions to create the certificate file?

Thanks. That was worth a shot.

I did

sudo rm -rf /etc/cloudflared


sudo mkdir /etc/cloudflared
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/cloudflared/cert.pem -out /etc/cloudflared/cert.pem
sudo chmod 644 /etc/cloudflared/cert.pem

The output of this looked OK:

echo “tunnel: treeTunnel” | sudo tee /etc/cloudflared/config.yml
echo “credentials-file: /etc/cloudflared/cert.pem” | sudo tee -a /etc/cloudflared/config.yml


sudo cloudflared tunnel run

still results in:

error parsing tunnel ID: Error decoding origin cert: Missing token in the certificate

So, I always get the missing token error when I generate my own certificate, and the certificate doesn’t get installed onto the pi when I try to install a certificate via the website, even though when I click ‘Validate’ I get a message a few seconds later that a certificate has been installed and I can go ahead and run the tunnel.