Cloudflare and Lets Encrypt

I registered my site on cloudflare with https mode to “full”. I already had a Lets Encrypt certificate before I did that. Now when I open my site at first the certificate shows from lets encrypt, but when I refresh or browse other links, it becomes Google Trust Services LLC. My concern is, what should I do so that it sticks either to Lets Encrypt or Google Trust.

  1. Full is an insecure legacy mode and does not provide proper security. Always use Full Strict.
  2. The Google certificate is the proxy certificate, which is unrelated to your server certificate. Being a new CA, there are occasional issues with devices running unsupported software. In that case you could disable Universal SSL and re-enable it after 30 minutes, which should issue an LE certificate.

Generally, it doesn’t really mattter though.

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.