Certificate Not Autorenewing

We have an edge certificate (https://crt.sh/?q=assets.jci.cc) that for some reason didn’t renew yesterday. It shows up still

on our account as active, but shows that it expires yesterday. Our CAA record allows DigiCert, so that doesn’t seem to be the issue there.

The certificate log shows you got a new one today. Is it working now?

I went in and created a new certificate. The old one is still there showing active.

I created the new one as it was causing all sorts of issues with images not showing up. I have another certificate that expires tomorrow, that is setup identically. I’ll watch that one to see if it renews or doesn’t renew. I’ve not had a CF certificate not renew before.

My 14 day certs renew a few days early, and any renewal issues I’ve had on CF domains have resulted in lots of email warnings (hourly or so)

It sounds like a bug, and I’d open a ticket. Post the ticket number here if you can.

1 Like

By pure coincidence, I just received such an email:

Hello,

Certificate issuance has failed for the certificate with the ID redactedGUID belonging to Zone ID abcdefgh with the following error messages:

caa_error: example.com,*.example.com

Any errors will need to be corrected before the certificate can be issued.

Regards,
Cloudflare

I took no action, and the cert appears to have been issued.

1 Like

Yeah. The one for tomorrow hasn’t renewed yet. I did create a Ticket (2181294) in the system, but figured I managed to screw something up as all of our previous tickets had renewed just fine.

I’ve not gotten any error emails about a cert failing to renew.