Expired Universal Edge Certificate and not auto-renewed


Universal certificate was not automatically renewed for my 2 domains.
It was working for many years and now stopped.

The Universal SSL certificate managed by Cloudflare 2022-07-12 and expired on 2022-07-13.

I tried disabling (waiting more than 24hrs before re-enabling) and re-enabling Universal SSL in hopes that it would trigger the re-creation of the edge ssl certificate but a new certificate was never created.

I changed encryption mode from Full (strict) to Full - same issue.

So for the time being, I left Proxy status DNS only on those two domains to keep them working.

The support ticket number is 2502089.

For starters, that’s a mistake. You should never use Full, only Full Strict. Change that back immediately.

Then, is that a .ru domain?

1 Like

I saw similar advice in another thread related to the universal certificate and its non-renewal.
Of course, for the rest of the domains I only use Full Strict.
That is .dn.ua domains.

Not sure where you read that, but that information is wrong. The encryption mode is not related to the certificate and should be Full Strict.

With an .ua domain it is the same issue as Universal SSL expired on Free account - #4 by sandro

Try switching to Let’s Encrypt.

1 Like

Thank You.
For others who encounter a similar problem, I add here your comment from another thread on changing the proxy certificate to Let’s Encrypt

curl -X PATCH "https://api.cloudflare.com/client/v4/zones/ZONE_ID/ssl/universal/settings" \
     -H "X-Auth-Email: EMAIL_ADDRESS" \
     -H "X-Auth-Key: API_KEY" \
     -H "Content-Type: application/json" \
     --data '{ "certificate_authority": "lets_encrypt" }'
1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.