HTTP DCV: “Sectigo” forbids DCV HTTP redirections

I’m still in a bit of the dark on how exactly this ‘should’ work. On Cloudflare’s page, it does recommend using ‘Full (Strict)’, which is what I have done for all of my client websites.

VIEW IMAGE 1 BELOW

On the SSL/TLS page of cPanel it does show that the certificates were generated but with a warning.

VIEW IMAGE 2 BELOW

It appears that Cloudflare has created SSL Certificates but I didn’t purchase them as I’m using the Free Cloudflare CDN service. It looks like Cloudflare has their own SSL Certificates which they generate for websites using the ‘Full (Strict)’ mode.

VIEW IMAGE 3 BELOW

I checked the certificates using several different SSL checkers and they all resolve cleanly / good to the Cloudflare TLS certificates.

VIEW IMAGE 4 BELOW

So should I just simply disregard the error on the SSL/TLS Status page in the cPanel?

AutoSSL Domain Validated

An error occurred the last time AutoSSL ran, on July 1, 2023:

DNS DCV: No local authority:DOMAIN NAME; HTTP DCV: “Sectigo” forbids DCV HTTP redirections.

Much like the conflict that it can cause with the ACME protocol used by Let’s Encrypt, Cloudflare’s Always Use HTTPS setting is disrupting your AutoSSL renewal. I don’t use the Always Use HTTPS option for that reason. I exempt the renewal path from HTTPS redirection and use a separate rule to redirect everything else.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.