How are SSL certificates handled for subdomains after a recent switch to Cloudflare

Since switching to Cloudflare: I’ve been getting a warning which I’ve copy and pasted below. I’ve asked my host what to do and they referred me to Cloudflare. Can anyone advise?

The “cPanel” AutoSSL provider could not renew the SSL certificate without a reduction of coverage because of the following problems:

:no_entry: www.store.askthedogguy.com (checked on Sep 2, 2021 at 5:31:10 AM UTC)

DNS DCV: No local authority: “www.store.askthedogguy.com”; HTTP DCV: “www.store.askthedogguy.com” does not resolve to any IP addresses on the internet.

:no_entry: store.askthedogguy.com (checked on Sep 2, 2021 at 5:31:10 AM UTC)

DNS DCV: No local authority: “store.askthedogguy.com”; HTTP DCV: The system queried for a temporary file at “https://store.askthedogguy.com/.well-known/pki-validation/5A16C313B973E385270A6F4BCF91E378.txt”, which was redirected from “http://store.askthedogguy.com/.well-known/pki-validation/5A16C313B973E385270A6F4BCF91E378.txt”. The web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist. The domain “store.askthedogguy.com” resolved to an IP address “104.21.2.149” that does not exist on this server.

The following domains will lose SSL coverage when the certificate expires:

The certificate that is installed on this website contains the following properties:

  1. For cPanel, it’s much easier to install a Cloudflare Origin CA certifcate so you don’t have to jump through the cPanel hoops:
    https://developers.cloudflare.com/ssl/origin-configuration/origin-ca
  2. Cloudlare’s edge servers don’t have a default configuration that supports ‘www’ below a subdomain:
    Subdomain too deep
1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.