Expired SSL error?

I have a Citrix Netscaler with a Digicert certificate installed on which which acts as the gateway for Citrix XenApp. When Cloudflare is set to DNS everything works fine. However, when proxying the published application list page load fines, but when trying to actually launch an published application Citrix errors with “SSL Error 70: The server sent an expired security certificate. The certificate “R3” is valid from 07 October 2020 to 29 September 2021.”

I suspect this issue is because of the Let’s Encrypt certificate which expired on September 30, since the certificate name and expiration date match, and it’s my understanding Cloudflare uses Let’s Encrypt certificates pretty heavily:

We use Digicert certificates exclusively, so this wouldn’t be caused by one of our certificates.

I’ve already opened a ticket for this, but any suggestions on next steps or other things I could try?

If your account here is using Let’s Encrypt, you can switch it to Digicert:

Changing to Digicert fixed the certificate issue for me. However, if you’re using the Windows CLI then it needs to be formatted like this:

curl -X PATCH "https://api.cloudflare.com/client/v4/zones/[zone-id]/ssl/universal/settings" -H "Content-Type: application/json" -H "X-Auth-Email: [email-address]" -H "X-Auth-Key: [Global-API-key]" --data "{\"certificate_authority\": \"digicert\"}"

Sorry for the deleted posts. The forum software kept chaning the formating of the JSON above.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.