Issues with hosted site showing expired cert, but only on internal network

What is the name of the domain?

What is the error message?

SSL Cert expired due to date

What is the issue you’re encountering

Internally we’re getting a SSL expired notification for our website. Externally from our network we do not get this. The cert shows different expiration times externally as well, and the cert is set to auto renew via Let’s Encrypt.

What is the current SSL/TLS setting?

Off

Sounds like cPanel or some other workaround for renewing :thinking:

Since Cloudflare’s Universal SSL also uses the LE’s CA, might be if your DNS records anre proxied :orange: and behind Cloudflare, the origin SSL certificate cannot renew as it sees the “hidden” DNS records for Cloudflare’s Universal SSL :orange: certificate.

I’d suggest you to temporary Pause Cloudflare for your site. Wait few minutes. Double-check the origin SSL certificate. Renew it. After the Website works okay over HTTPS, un-pause and all good.

Usually, when it’s the time to renew them, I do it pretty fast with my script and Cloudflare API for a domain which I enter into a input text field (or textarea if there are multiple domains to renew) via my Worker, however manually you would have to:

  1. Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
  2. The link is in the lower right corner of that page.
  3. Give it five minutes to take effect, then make sure site is working as expected with HTTPS without any error
  4. Check with your hosting provider / cPanel AutoSSL / Let’s Encrypt / ACME / Certbot and manually click to renew it
  5. Only then, when your website responds over HTTPS, you should un-pause Cloudflare and double-check your SSL/TLS setting to make sure it’s Full (Strict).