How to get free Edge Certificate (Universal Certificate) for 1 Year instead 3 Months?

Hello folks,

Hope everyone is safe and sound!
I need your help, folks. I got stuck here. Man, I can’t make it right.
So, can anyone tell me how I can get Edge Certificate for
1 Year?

You see, I already have 1 Year Validity Period Universal Certificate for this particular domain that I have on Cloudflare for like 7 Years now but… when I’m tryna Add a new site, I’m getting 3 Months validity period Let’s Encrypt SSL only. And it’s driving me nuts. Because some Chrome Browsers fail to load site with “https” that has 3 months validity period Let’s Encrypt SSL.

Man, I ain’t kidding about this. It’s a big deal now. And I gotta fix it ASAP.
So, can anyone help me out, please?

Thanks!

Requirement1533×647 110 KB

What browsers fail if a cert expires in less than 3 months?

Which part of the certificate chain of Let’s Encrypt doesn’t it like?

Cloudflare is in the process of phasing out DigiCert and hence also phasing out 1-year certificates

As of yesterday I was still able to toggle the issuer of Universal SSL for my domains to DigiCert using the API, however, this probably won’t work for much longer. Meaning even if you do this you’ll likely get switched back to LetsEncrypt next time the certificate needs to renew.

That I don’t know actually. But when there’s a 3 Months Let’s Encrypt… Chrome is Failing.
That’s why I need 1 Year validity period Edge Certificate like my previous one.

Please lemme know if you know the process.
Thanks!

Oh dear! That’s gonna be a problem then. Cuz I noticed a lotta Chrome browsers fail to load https when there’s 3 months validity period SSL.
And this ain’t just happening with Let’s Encrypt SSL but with some other SSL as well when there’s 3 Months validity.

It’s really confusing. Cuz Chrome ain’t working but Firefox works just fine.
Do you have any idea buddy, like why it’s happening with Chrome?

Take a picture of the certificate it’s saying is an unknown authority within Chrome.

Yeah, that’s right. I have noticed that. It’s only happening when I use Cloudflare let’s encrypt.

Is the date/time on your computer correct?

Yep, they are all correct.

And it’s not happening with my site only, happening with other site as well when there’s Let’s Encrypt for 3 Months validity.

Do this.

Hold on a sec… lemme give you something

You see,my browser is Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36

And I can’t visit other site as well that has 3 months validity period. For example geeksforgeeks

That’s actually not a Cloudflare issue. You are running Windows 7 and Microsoft is not updating the root certificates any more, hence you are running into that issue

You can either update the root certificates manually or use a different browser which does not use the system certificates.

Overall this is not a Cloudflare issue and you will have that on all sites using Let’s Encrypt. On Cloudflare you could only switch to Digicert. Problem with installing full CloudFlare SSL has more on that.

But again, you will have that issues across all Let’s Encrypt sites, so you either manually update the certificates or switch to a supported operating system.

Might be ok, but they’re deprecating this soon?
I see GTS already in a dropdown at least for the ACM

• DigiCert update · Cloudflare SSL/TLS docs

Maybe already stated somewhere in above posted or I misread it …

There’s a Google option on the undocumented ssl/universal/settings API endpoint as well, however when I messed around with it yesterday it didn’t seem to work properly. It looked okay in the dashboard & I got notification e-mails saying it was deployed successfully, but browsers kept seeing the old Digicert certificate even hours later so I switched it back. Plus it looked like it was a 3-month certificate anyway, same as LetsEncrypt.

Why does this matter? Cloudflare auto-renews universal SSL certificates. To you, it doesn’t make a difference if it 1 week, 1 month, or 1 year.