New Certificate Support

Workers VPC now supports Cloudflare Origin CA certificates when connecting to your private services over HTTPS. This expands the types of TLS certificates that Workers VPC trusts beyond publicly issued certificates.

Previous Limitations

Prior to this update, Workers VPC only trusted certificates issued by publicly trusted certificate authorities such as Let's Encrypt and DigiCert. This required developers to provision certificates from external public CAs even for internal, private network connections.

Key Benefits

• Cost savings: Use free Cloudflare Origin CA certificates instead of provisioning from public CAs
• Simplified setup: Encrypt traffic between the tunnel and your service without external CA dependencies
• Enhanced security: Maintain HTTPS encryption for internal connections within private networks
• Native integration: Leverage Cloudflare's certificate infrastructure already available to your account

How to Use

Deploy Cloudflare Origin CA certificates on your origin servers within private networks and connect to them from Workers VPC using the standard https scheme. For detailed configuration instructions, refer to the Supported TLS certificates documentation.