How should I get a Public CA cert from Cloudflare

During the arrangement for API integration with one of our tech partner, we are required to share the Public CA cert hosted on our domain. Self-Signed certificates are not accepted. My domain is currently using a Universal Certificate provided by Cloudflare, is it possible for us to obtain the Public CA cert and share with them? Or are we expected to sign up for Advanced Certificate Manager and get a dedicated cert for our domain?

You can easily download the intermediate certificate if you scan your domain using
https://www.ssllabs.com/ssltest/

However, without a dedicated or ACM cert, the CA May change without notice.

Thanks michael for the quick response, so it is recommended to get the ACM cert from Cloudflare in order to make reduce any future integration failure due to a change in the universal CA, am i right?

You should ask your tech partner exactly what they are trying to do, and what happens if the CA changes. They can tell you for sure, I’m just guessing.

Even if you get a Cloudflare cert issued by a named CA, the certificate chain will eventually change as elements of the chain come close to their expiry date. For example, the current Let’s Encrypt X3 root certificate will expire in about 15 months, so will have to change before then. Your tech partner will be able to advise how they will deal with such changes.

This topic was automatically closed after 30 days. New replies are no longer allowed.