Cloudflare R2 Access Key
Manage and use Cloudflare R2 Access Keys in AutoSSL.
Overview
A Cloudflare R2 Access Key is required to authenticate requests from AutoSSL to Cloudflare R2 object storage. By adding an R2 API Token, you authorize AutoSSL to upload certificate files to your R2 bucket on your behalf.
Configuration Parameters
| Parameter | Description |
|---|---|
| Access Key ID | The Access Key ID generated from your Cloudflare R2 API Token. |
| Secret Access Key | The corresponding Secret Access Key. This value is securely encrypted before being stored in AutoSSL. |
Important
If you need to modify the Secret Access Key field later, you must provide the full secret again.
How to Get an R2 API Token
- Log in to the Cloudflare Dashboard.
- In the left sidebar, navigate to R2 Object Storage.
- Click Manage R2 API Tokens.
- Click Create API token.
- Set Permissions to Object Read & Write.
- (Optional) Restrict the token to a specific bucket by choosing Specify bucket(s) and entering your target bucket name.
- Click Create API Token.
- Copy the Access Key ID and Secret Access Key and paste them into AutoSSL.
The Secret Access Key is only shown once. Make sure to copy it before closing the page.
For more information, refer to the Cloudflare R2 API Token documentation.
Security Recommendations
- Principle of Least Privilege: Restrict the API Token to only the specific bucket(s) that AutoSSL needs to write to. Avoid granting access to all buckets unless necessary.
- Regular Rotation: Periodically rotate your API tokens to minimize the risk of leaked credentials.
Supported Deployment Targets
The Cloudflare R2 Access Key is used by the following deployment providers in AutoSSL:
- Cloudflare R2: Uploads certificate files to a Cloudflare R2 bucket.