Prevent loading the origin certificate for remotely-managed tunnels

2025-11-03 15:42:53 +09:00 · 2025-11-03 15:42:53 +09:00 · 4b50aca214
parent e9f0628555
commit 4b50aca214
1 changed files with 3 additions and 2 deletions
--- a/cmd/cloudflared/tunnel/cmd.go
+++ b/cmd/cloudflared/tunnel/cmd.go
@ -459,9 +459,10 @@ func StartServer(
 		}
 	}

-	userCreds, err := credentials.Read(c.String(cfdflags.OriginCert), log)
 	var isFEDEndpoint bool
-	if err != nil {
+	if c.String(TunnelTokenFlag) != "" || c.String(TunnelTokenFileFlag) != "" {
+		isFEDEndpoint = false
+	} else if userCreds, err := credentials.Read(c.String(cfdflags.OriginCert), log); err != nil {
 		isFEDEndpoint = false
 	} else {
 		isFEDEndpoint = userCreds.IsFEDEndpoint()