
Error exec docker image

Open tomaswarynyca opened this issue 4 years ago • 15 comments

Copying the Docker Hub command, it comes out: The client did not specify the origincert path

If I add --origincert /etc/cloudflared/cert.pem: Cannot check if the origin certificate exists in the path /etc/cloudflared/cert.pem

Any idea how to solve the problem?

tomaswarynyca avatar Feb 24 '21 20:02 tomaswarynyca

Hi @tomaswarynyca, I tried the command with the latest image and it worked for me. Can you try

docker run -v ~/.cloudflared:/etc/cloudflared cloudflare/cloudflared:2021.2.5 tunnel --no-autoupdate --hostname example.com --url http://localhost:8080

Don't forget to replace example.com with your hostname.

chungthuang avatar Feb 24 '21 22:02 chungthuang

Yes, after sending the message I saw that it was an old version, but when I ran the new version I had the same result. Error getting origin cert: client didn't specify origincert path

If I add --origincert /etc/cloudflared/cert.pem: Error getting origin cert: cannot check if origin cert exists at path /etc/cloudflared/cert.pem

tomaswarynyca avatar Feb 24 '21 22:02 tomaswarynyca

The command assumes you have a cert.pem file in ~/.cloudflared/cert.pem. If you don't have this file, check out https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/setup.

chungthuang avatar Feb 25 '21 00:02 chungthuang

I don't understand what I am doing wrong for it not to work.

Validating that the cert.pem file is present

➜  ~ ls .cloudflared/
cert.pem

Running the container

docker run --rm -v ~/.cloudflared:/etc/cloudflared cloudflare/cloudflared:2021.2.5 tunnel --no-autoupdate --hostname hidden.com --url http://localhost:8080 --origincert /etc/cloudflared/cert.pem

2021-02-25T00:12:27Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]
2021-02-25T00:12:27Z INF Version 
2021-02-25T00:12:27Z INF GOOS: linux, GOVersion: go1.15.7, GoArch: amd64
2021-02-25T00:12:27Z INF Settings: map[hostname:hidden.com no-autoupdate:true origincert:/etc/cloudflared/cert.pem url:http://localhost:8080]
2021-02-25T00:12:27Z ERR Cannot check if origin cert exists at path /etc/cloudflared/cert.pem originCertPath=/etc/cloudflared/cert.pem
2021-02-25T00:12:27Z ERR Couldn't start tunnel error="Error getting origin cert: cannot check if origin cert exists at path /etc/cloudflared/cert.pem"
Error getting origin cert: cannot check if origin cert exists at path /etc/cloudflared/cert.pem

tomaswarynyca avatar Feb 25 '21 00:02 tomaswarynyca

~ is equivalent to $HOME, so ~/.cloudflared:/etc/cloudflared is equivalent to $HOME/.cloudflared:/etc/cloudflared. In your case your cert is at .cloudflared/cert.pem, so you can run

docker run --rm -v .cloudflared:/etc/cloudflared cloudflare/cloudflared:2021.2.5 tunnel --no-autoupdate --hostname hidden.com --url http://localhost:8080

chungthuang avatar Feb 25 '21 08:02 chungthuang

It is not possible to mount like this in docker. It can be mounted with $HOME/.cloudflared:/etc/cloudflared, but I get the same result.

Even mounting the file directly I get the error that it is not found. $HOME/.cloudflared/cert.pem:/etc/cloudflared/cert.pem

tomaswarynyca avatar Feb 25 '21 11:02 tomaswarynyca

Have you tried moving .cloudflared to a different directory, for example /etc/cloudflared?

chungthuang avatar Feb 28 '21 15:02 chungthuang

Copied the cert.pem file from ~/.cloudflared to /etc/cloudflared. Mounting /etc/cloudflared:/etc/cloudflared got the same result :/

docker run --rm -v /etc/cloudflared:/etc/cloudflared cloudflare/cloudflared:2021.2.5 tunnel --no-autoupdate --hostname hidden.com --url http://localhost:8080 --origincert /etc/cloudflared/cert.pem

2021-02-28T16:21:12Z INF Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]
2021-02-28T16:21:12Z INF Version
2021-02-28T16:21:12Z INF GOOS: linux, GOVersion: go1.15.7, GoArch: amd64
2021-02-28T16:21:12Z INF Settings: map[hostname:hidden.com no-autoupdate:true origincert:/etc/cloudflared/cert.pem url:http://localhost:8080]
2021-02-28T16:21:12Z ERR Cannot check if origin cert exists at path /etc/cloudflared/cert.pem originCertPath=/etc/cloudflared/cert.pem
2021-02-28T16:21:12Z ERR Couldn't start tunnel error="Error getting origin cert: cannot check if origin cert exists at path /etc/cloudflared/cert.pem"
Error getting origin cert: cannot check if origin cert exists at path /etc/cloudflared/cert.pem

tomaswarynyca avatar Feb 28 '21 16:02 tomaswarynyca

I'm sorry it's still not working for you. We will provide more robust logging on Cannot check if origin cert exists at path error in the next release.

chungthuang avatar Mar 01 '21 21:03 chungthuang

I have the same problem. After updating to the docker image 2021.3.3 I got a little more information.

2021-03-25T23:49:10Z ERR Cannot check if origin cert exists at path /etc/cloudflared/cert.pem error="open /etc/cloudflared/cert.pem: permission denied" originCertPath=/etc/cloudflared/cert.pem

It seems to me that non-root user is not able to access the file mounted using "-v".

Here is my command:

docker run --rm -v /home/seocam/.cloudflared:/etc/cloudflared cloudflare/cloudflared:2021.3.3 tunnel --no-autoupdate --url http://192.168.49.1:8000 --hostname <mydomain> --origincert /etc/cloudflared/cert.pem

Running without docker works fine for me.

seocam avatar Mar 25 '21 23:03 seocam

Seems related to #163

seocam avatar Mar 25 '21 23:03 seocam

Hi @chungthuang, with the info provided by @seocam, can you see if it solves the problem? 25 days have passed and I can't migrate to docker.

tomaswarynyca avatar Mar 26 '21 18:03 tomaswarynyca

Run sudo chmod -R 755 .cloudflared on your .cloudflared folder. User can read, write, and execute; other users can read and execute, but cannot write.

AntonyLeons avatar Mar 16 '22 20:03 AntonyLeons

sudo chmod -R 755 .cloudflared

That one doesn't seem to work, had to make it 777, which well, isn't the safest permission to give. For some reason if I gave 766 then I couldn't make tunnel later on following example in here: https://github.com/cloudflare/worker-template-postgres/

My command:

docker run -v ~/.cloudflared:/home/nonroot/.cloudflared cloudflare/cloudflared:2022.5.0 login

And error:

error writing cert to /home/nonroot/.cloudflared/cert.pem: open /home/nonroot/.cloudflared/cert.pem: permission denied

Would be cool if there's a way to run it with root or pipe output to certfile manually

McSneaky avatar May 05 '22 15:05 McSneaky

@McSneaky I'd say it's very unsafe to give the permission 777. The user and group ID that is used to run the command in docker is 65532, so changing all the files that are needed by cloudflare to 65532:65532 works for me:

chown 65532:65532 cert.pem

wb14123 avatar Jun 19 '22 20:06 wb14123
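
Added example, not part of the thread or of the cloudflared project: a host-side check of whether the UID:GID quoted in the last comment (65532:65532) can traverse the bind-mounted directory and read cert.pem, which is the condition behind the "permission denied" errors above. The function names `perm_ok` and `mount_check` are hypothetical; the check assumes GNU stat and looks only at owner, group and mode bits (no ACLs, SELinux labels, user namespaces or supplementary groups).

```shell
#!/bin/sh
# Added example (not from the thread). Mode-bit check only: ignores ACLs,
# SELinux/AppArmor, user namespaces and supplementary groups. Needs GNU stat.

# perm_ok UID GID PATH BIT -> 0 if the permission class that applies to
# UID:GID has BIT (4 = read, 2 = write, 1 = execute/traverse) set on PATH.
perm_ok() {
    uid=$1 gid=$2 bit=$4
    meta=$(stat -c '%u %g %a' "$3") || return 2
    set -- $meta                 # $1 = owner uid, $2 = group gid, $3 = octal mode
    mode=$((0$3))                # leading 0 makes the shell parse the mode as octal
    if   [ "$uid" = "$1" ]; then shift_by=6   # owner class applies exclusively
    elif [ "$gid" = "$2" ]; then shift_by=3   # otherwise the group class
    else                         shift_by=0   # otherwise "other"
    fi
    [ $(( (mode >> shift_by) & bit )) -ne 0 ]
}

# mount_check UID GID HOST_DIR FILE [BIT]
# Returns 0 if UID:GID can traverse HOST_DIR and use FILE inside it with BIT
# (default 4, read); 1 if the directory blocks it; 2 if the file does.
mount_check() {
    perm_ok "$1" "$2" "$3" 1 || {
        echo "$3: not traversable (x) by $1:$2" >&2; return 1; }
    perm_ok "$1" "$2" "$3/$4" "${5:-4}" || {
        echo "$3/$4: missing or lacks bit ${5:-4} for $1:$2" >&2; return 2; }
    return 0
}

# Usage: sh check.sh ~/.cloudflared cert.pem
# 65532:65532 is the container UID:GID stated in the thread.
if [ "$#" -eq 2 ]; then
    mount_check 65532 65532 "$1" "$2" && echo "readable by 65532:65532"
fi
```

For the `login` case in the thread the container also has to create cert.pem, so the directory needs the write bit as well: `perm_ok 65532 65532 ~/.cloudflared 2`.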