cloudflare api dns

interdomeFebruary 13, 2025February 14, 2025

Alright lets auto renew those certs

Bash

sudo apt update
sudo apt install certbot python3-certbot-dns-cloudflare

or

Bash

sudo yum install epel-release
sudo yum install certbot python3-certbot-dns-cloudflare

Create a new API token with the following permissions:
Zone:Zone:Read
Zone:DNS:Edit
Save the API token securely.

Bash

sudo mkdir -p /etc/letsencrypt/secrets
sudo nano /etc/letsencrypt/secrets/cloudflare.ini

Add the following to the cloudflare.ini

Bash

dns_cloudflare_api_token = YOUR_CLOUDFLARE_API_TOKEN

Secure that shit

Bash

sudo chmod 600 /etc/letsencrypt/secrets/cloudflare.ini

Lets gooooo

Bash

sudo certbot certonly \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/secrets/cloudflare.ini \
  -d example.com \
  -d *.example.com

Scenario 2: Domains in Different Cloudflare Accounts

If you have 2 separate accounts, you can share access in the user panel. You will want to AT LEAST share the DNS so that the main user can certify your domain as well.

After you add the rights, you can use the main accounts API key to certify both domains! EZ.

Leave a Reply Cancel reply

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools
March 21, 2025
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination […]
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
March 21, 2025
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a […]
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
March 21, 2025
The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations. These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, […]
10 Critical Network Pentest Findings IT Teams Overlook
March 21, 2025
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit. Organizations often assume that firewalls, endpoint protection, and SIEMs are enough […]
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
March 21, 2025
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. "Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers […]

©️ interdo.me