Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cloudflare-ca-bot

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cloudflare-ca-bot

Command-line application to make it easy to provision and automatically renew Cloudflare CA certificates

  • 1.0.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
decreased by-100%
Maintainers
1
Weekly downloads
 
Created
Source

Cloudflare Origin CA Bot

cfcabot

This is a client, inspired by Let's Encrypt's certbot, which makes it easy to request and automatically renew Cloudflare Origin CA certificates.

This only works on Linux.

Installation

Install Node.js v6 or later. Then install it via npm:

$ sudo npm install -g --unsafe-perm true cloudflare-ca-bot

The --unsafe-perm true argument is required so that the install script can run as root, which is required to create directories in /etc.

Finally, run it (as any user):

$ cfcabot

Command syntax:

$ cfcabot <command> [flags]

Available commands:

  • apikey: Set or update your Cloudflare CA API key (you will need to do this first)
  • list: List all certificates known to this machine (all these certs will be renewed when you use "renew")
  • new: Interactively get a new certificate (you will want to start here once you set your API key)
    • The output of this command will tell you where on the file system you can find your private key and certificate
  • renew: Non-interactively renew all certificates that need renewal (all certs that expire in 14 or fewer days)
    • Use --force flag to force renewal of all certificates regardless of whether renewal is needed
    • It is completely safe (and recommended) to use this command more frequently than needed. It will only make requests to Cloudflare if the certificate will imminently expire (it checks the local disk to know when it expires). It would be a good idea to run renew daily on a cronjob.
  • revoke: Interactively revoke a certificate

Security

This application is designed assuming that you fully control the operating system on which you use it. All certificates and private keys are stored in /etc/cfcabot which is accessible to any user on the system (so that you can run cfcabot as an unprivileged user and still have the keys accessible to your webserver). Your Cloudflare Origin CA API key is stored in your user's home directory, however.

FAQs

Package last updated on 18 Sep 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc