GetPageSpeed Extras

cloudflare-warp

View this package for all CentOS/RHEL versions →

How to install cloudflare-warp in CentOS/RHEL 8 (x86_64)

Cloudflare Warp Client

License: unknown https://1.1.1.1

Install

sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm
sudo dnf -y install cloudflare-warp

Description

Cloudflare Warp Client

Compatibility

This package is compatible with all RHEL-based distributions, including CentOS, AlmaLinux, Oracle Linux, Rocky Linux, etc.

RPMs

Package Size Built Changes
cloudflare-warp-2026.6.836.0-1.el8.x86_64 54.4 MiB 2026-07-02 Shrey Amin
This package is the same release as 2026.6.822.0, with a fix for our RPM package. Previously the repository served a single build to every OS version, so an install could pull a dependency that isn't available on that release. The repository now serves the correct build for each operating system version, so installs automatically pull the dependencies that version requires. Debian and Ubuntu were not affected. · · We recommend refreshing your repository configuration: · ```bash · sudo curl -fsSL https://pkg.cloudflareclient.com/cloudflare-warp-ascii.repo | sudo tee /etc/yum.repos.d/cloudflare-warp.repo · sudo dnf clean all · sudo dnf install cloudflare-warp · ```
cloudflare-warp-2026.6.822.0-1.el8.x86_64 54.4 MiB 2026-06-30 Shrey Amin
This release introduces multiple features from our previous beta release into stable release, including: · · - The client now applies DNS search suffixes configured in your device profile / network policy. Administrators can push a list of DNS search domains that the client appends to single-label queries, alongside any system-configured suffixes. See [DNS search suffixes](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/settings/#dns-search-suffixes) for details. · - Upgraded security of device registration to be hardware-backed. Registration tokens can now be generated in the TPM (with TPM 2.0+) whenever it is available to provide stronger protection against device impersonation. See [Hardware-backed registration](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/deployment/mdm-deployment/hardware-backed-registration/) for details. · - Added a local-file signal source for Emergency Disconnect. In addition to the existing HTTPS polling mechanism, administrators can now configure WARP to monitor for a file on disk; the presence of the file triggers an emergency disconnect even if both Cloudflare and your own infrastructure are unreachable. Either signal being asserted triggers disconnect; both must be cleared for normal operation to resume. · - Added new warp-cli debug commands for interactive connection diagnosis. See [Extra debug logging](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/troubleshooting/diagnostic-logs/#extra-debug-logging) for details. · - The local DNS proxy now supports DNSSEC passthrough. DNSSEC-signed responses are forwarded to the application intact (including DO/AD bits and RRSIG records), so applications that validate DNSSEC locally — including resolvers and the dig/drill tooling — work correctly through the client. · - Added a new MDM format for organization-wide settings, including a cleaner way to configure the compliance environment (e.g. FedRAMP). The previous per-configuration approach still works, but the new format is now recommended. See the updated [Cloudflare One MDM documentation](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/deployment/mdm-deployment/parameters/#organization_configs) for details. · · Additional changes and improvements: · - Cloudflare Mesh functionality using the Cloudflare One Client is now supported on RHEL 9 and 10. · - Cloudflare Mesh now supports hostname-based routing for Cloudflare Tunnel. · - Client Certificate device-posture checks now support template variables (e.g. `${serial_number}`, `${device_uuid}`) in the Subject Alternative Name field. Previously only the Common Name field accepted variables, which broke posture rules that pinned identity to a SAN entry. · - Improved accessibility by using high contrast colors and more defined color boundaries when high contrast is enabled in the system display settings. · - Path MTU Discovery (PMTUD) is now enabled by default. · - Fixed the in-client captive-portal browser rendering a blank "Success" page on some airline Wi-Fi networks. The browser now more consistently loads the airline's real portal page so users can complete sign-in from inside the client instead of having to open a separate browser. · - Fixed an issue in proxy mode where hostnames containing underscores (e.g. ai_app.com) were rejected, breaking apps that depend on such hostnames (notably ChatGPT sandbox apps). The local proxy now accepts underscore-containing hostnames in CONNECT requests. · - Fixed an issue where DNS queries would fail after the connection was idle, requiring users to retry. · - Fixed an issue where some Debian releases experienced inaccurate version reporting for posture checks. · - Users can now register with team names in any case format without errors. · - New UI fixes: · * Fixed an issue where users with invalid MDM configurations were returned to the onboarding screen after successful authentication. · * Added a re-auth button and banner to the home screen so users don't miss it when their session expires. · * Added clear error messaging when the Cloudflare certificate needs to be installed. · * Brought back support for pausing the tunnel when connected to user-specified Wi-Fi networks for consumer users. · * New client UI now surfaces Split tunnel configuration and Local Domain Fallback configuration. · * Added ability to configure proxy mode for consumer users. · * Added back the option to quit for consumer users. · · For RHEL deployments, this release introduces a dependency on the Extra Packages for Enterprise Linux repository (EPEL). The EPEL repository provides packages that support the captive portal detection’s in-app browser authentication and system tray icon. See https://docs.fedoraproject.org/en-US/epel/getting-started/ for instructions on enabling EPEL. · · Known issues · - Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed.
cloudflare-warp-2026.4.1390.0-1.el8.x86_64 56.0 MiB 2026-05-27 Yi Huang
This release introduces the new Cloudflare One Client UI for Linux! You can expect a cleaner and more intuitive design as well as easier access to common actions and information. Here are some of the many things we have found our users appreciate: · · - Right click context menu to access the most common client actions quickly · - Built-in captive portal login experience · · Changes and improvements: · - Added a new CLI command: warp-cli mdm refresh. This command executes an immediate refresh of the Mobile Device Management (MDM) configuration file. · - Official support for RHEL 9 has been added for Cloudflare Mesh nodes. To install the RHEL 9 package, the Extra Packages for Enterprise Linux (EPEL) repository must be active, as it contains dependencies required for the tray icon and captive portal webview. · - Fixed a proxy mode connection stall issue. · · Known issues · - Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed. · - Split tunnel list configuration is not available in the new UI. Management of split tunnel entries is currently only possible via `warp-cli tunnel ip` and `warp-cli tunnel host`. UI support will be added in a future release.
cloudflare-warp-2026.4.1350.0-1.el8.x86_64 56.0 MiB 2026-05-12 Yi Huang
This release introduces the new Cloudflare One Client UI for Linux! You can expect a cleaner and more intuitive design as well as easier access to common actions and information. Here are some of the many things we have found our users appreciate: · · - Right click context menu to access the most common client actions quickly · - Built-in captive portal login experience · · Changes and improvements: · - Added a new CLI command: warp-cli mdm refresh. This command executes an immediate refresh of the Mobile Device Management (MDM) configuration file. · - Official support for RHEL 9 has been added for Cloudflare Mesh nodes. To install the RHEL 9 package, the Extra Packages for Enterprise Linux (EPEL) repository must be active, as it contains dependencies required for the tray icon and captive portal webview. · · Known issues · - Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed.
cloudflare-warp-2026.3.846.0-1.el8.x86_64 39.4 MiB 2026-04-03 Rhett Griggs
This release contains minor fixes and improvements. · · The next stable release for Linux will introduce the new Cloudflare One Client UI, providing a cleaner and more intuitive design as well as easier access to common actions and information. · · - Empty MDM files are now rejected instead of being incorrectly accepted as a single MDM config · - Fixed various connection hangs in proxy mode caused by upstream quiche bugs · - Fixed an issue where the emergency disconnect status of a prior organization persisted after a switch to a different organization. · - Consumer-only CLI commands are now clearly distinguished from Zero Trust commands · - Added detailed QUIC connection metrics to diagnostic logs for better troubleshooting · - Added monitoring for tunnel statistics collection timeouts · - Switched tunnel congestion control algorithm to Cubic for improved reliability across platforms · - Fixed initiating managed network detections checks when no network is available, which caused device profile flapping
cloudflare-warp-2026.1.150.0-1.el8.x86_64 39.6 MiB 2026-02-24 Yi Huang
This release contains minor fixes, improvements, and new features including a new feature to manage WARP client connectivity for all devices in your fleet using an external signal. · · WARP client version 2025.8.779.0 introduced an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com. · · - Fixed an issue causing failure of the local network access exclusion feature when configured with a timeout of 0. · - Improvement for more accurate reporting of device colocation information in the Zero Trust dashboard. · - Fixed an issue where misconfigured DEX HTTP tests prevented new registrations. · - Fixed issues causing DNS requests to fail with clients in Traffic and DNS mode or DNS only mode.
cloudflare-warp-2025.10.186.0-1.el8.x86_64 38.0 MiB 2026-01-13 Rhett Griggs
This release contains minor fixes, improvements, and new features including a new feature to manage WARP client connectivity for all devices in your fleet using an external signal. · · WARP client version 2025.8.779.0 introduced an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com. · · - The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly. · - Improvement for WARP client posture check. Linux device posture for encrypted drives now also supports non-filesystem encryption types like dm-crypt. · - Improvement for WARP modes, proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying. · - Fixed an issue where the GUI becomes unresponsive when the "Re-Authenticate in browser" button is clicked. · - Added a new feature to Manage device connection using an external signal. This feature allows administrators to send a global signal from an on prem HTTPS endpoint that force disconnects or reconnects all WARP clients in an account based on configuration set on the endpoint.
cloudflare-warp-2025.9.558.0-1.el8.x86_64 38.0 MiB 2025-11-12 Shrey Amin
This release contains minor fixes, improvements, and new features including Path Maximum Transmission Unit Discovery (PMTUD). When PMTUD is enabled, the client will dynamically adjust packet sizing to optimize connection performance. There is also a new connection status message in the GUI to inform users that the local network connection may be unstable. This will make it easier to debug connectivity issues. · · WARP client version 2025.8.779.0 introduced an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com. · · - The UI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to debug connectivity issues. · - Fixed an issue where deleting a registration was erroneously reported as having failed. · - Path Maximum Transmission Unit Discovery (PMTUD) may now be used to discover the effective MTU of the connection. This allows the WARP client to improve connectivity optimized for each network. PMTUD is disabled by default. To enable it, refer to our developer [documentation](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/path-mtu-discovery/#enable-path-mtu-discovery).
cloudflare-warp-2025.8.779.0-1.el8.x86_64 37.1 MiB 2025-10-08 Logan Praneis
This release contains minor fixes and improvements including including an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com. · · This release contains enhancements to Proxy mode for even faster resolution. The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or all devices matching the profile will lose connectivity.
cloudflare-warp-2025.7.176.0-1.el8.x86_64 37.2 MiB 2025-10-01 Shrey Amin
This release contains minor fixes and improvements including an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com . · · - The MASQUE protocol is now the default protocol for all new WARP device profiles. · - Improvement to limit idle connections in DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving. · - Improvements to maintain Global WARP Override settings when switching between organization configurations. · - Improvements to maintain client connectivity during network changes.
cloudflare-warp-2025.6.1335.0-1.el8.x86_64 37.4 MiB 2025-08-20 Shrey Amin
This release contains minor fixes and improvements. · · - Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected. · - Fix to prevent the firewall being re-enabled after user initiated client disconnection. · - Improvement for faster client connectivity on high-latency captive portal networks. · - Fixed an issue where recursive CNAME records could cause intermittent WARP connectivity issues.

Subscribe