How to renew origin certificate of proxied hostname

I have a question :
if we want full, we need to set ssl on orignal server, but with proxied dns we can’t do it so we must desactive cloudflare and add ssl on server and after set reactivate cloudflare. But for the renew of ssl, it will not work ?? we need again to set cloudflare off to add again ssl on server… it’s not very good, and it make many out of website

I’m not sure if you are using your web host to get the certificate, or doing it yourself and how.

Personally I use LetsEncrypt with certbot, a DNS-01 challenge and the certbot-dns-cloudflare plugin which avoids all the problems around HTTP challenges for servers behind Cloudflare.

Alternatively, you can use a Cloudflare origin certificate and set it for a long expiry time (up to 15 years). Note that this certificate is only trusted by Cloudflare so does require use of the proxy.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.