CF SSL Edge Certificate for multi-level domain not showing at Siteground site

Hi,
Maybe someone has run into this before and can possibly advise.

I have my regular website at https://www.ellespark.com
Hosted at Siteground.

I created a Cloudflare account and applied their Universal SSL certificate to
*.ellespark.com
ellespark.com
with Full (Strict) setting.

Created a staging site in Siteground. Of course it has to be on the www. https://www.staging6.ellespark.com.

SG support told me to to purchase an Edge Certificate with Cloudflare to cover the staging site. I did this and set it to apply to
*.ellespark.com
ellespark.com
*.staging6.ellespark.com
staging6.ellespark.com

Had to turn on Siteground’s “Let’s Encryt” SSL certificate for BOTH sites for them to resolve on https://

However - main site shows Cloudflare SSL cert (got a Cloudflare 526 Error when I deleted SG “Let’s Encrypt”)
Staging site shows Siteground’s “Let’s Encrypt” (got a browser non-private connection error without the “Let’s Encrypt”)

I’ve done 6 chats with Siteground support, deleted and reinstalled “Let’s Encrypt” certs, checked on private windows, other computers, waited more than a week, emailed Cloudflare (no support), and spent close to 6 hours trying to deal with this. SG support says it’s “interesting” but can’t advise me further and says I need to keep “Let’s Encrypt” SSL certs installed on their side because it’s the only way both sites resolve.

Shouldn’t BOTH sites be showing the valid Cloudflare certificates? (I think this is ideal since Cloudflare cert is better than the basic Siteground one…?)
Perhaps I have a setting wrong in Cloudflare?


Thanks!

Why is that?

Hi sdayman,
Because the main website is on the www.

Siteground support said that the staging site needs to also utilize the www so that all the links will function when pushed live through their staging platform.

So the staging site is on www. I just need the Cloudflare SSL to work properly on it…

Well…that’s less than impressive.

Since you have ACM that covers all hostname combinations, you can scroll way down and disable Universal SSL so you have just that one cert that covers everything.

Beyond that, it’s up to SiteGround to provide functioning SSL for whatever they host.

1 Like

Ah OK, thank you for the tip about the Cloudflare Universal SSL, I disabled it.
So it sounds like it’s Siteground’s settings that are overriding the Cloudflare SSL for the staging site.

Is there a place to export the Cloudflare Edge SSL information like CRT, KEY, and CABUNDLE ?

There is a place to import into Siteground but I cannot find where to locate those keys in Cloudflare.

You can’t get copies of the edge certs, but you can generate your own origin certs:

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

Thank you sdayman, I really appreciate your help and responses!

Have a wonderful day!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.