Let's Encrypt SSL auto renew blocked by CloudFlare

Hi there,

How do I create a Cloudflare rule to prevent the CF server from blocking the siteground.com hosting .well-known/ server request?

This is the reply from SG tech support: “In order to be able to get the subdomains covered by a Let’s Encrypt SSL once more, the Cloudflare should be bypassed or at least make sure that the .well-known/ requests are not being blocked by a rule in the Cloudflare control panel.”

Thank you for your urgent help.

Kent

Requests for .well-known shouldn't generally be blocked; however, it can depend on your settings. Do your firewall events list the request?

Unless you need the certificate to be a publicly recognised one you could also go for an origin certificate. They are equally free and directly issued from within the Cloudflare control panel.

You’d have to :grey: that domain and then jump over to Siteground to renew and then :orange: it again once the cert has been renewed.

Why do you think that request wouldn't go through Cloudflare? Either the OP needs to remove the custom rule that prevents that connection, if he has set one up, or whitelist that particular request. I wouldn't assume deproxying should be really necessary.

I’ve seen third-party LE renewals fail because the public IP address didn’t match the local IP address. Plesk gets upset when localhost is IPv4, but DNS shows both IPv4 and IPv6. :grey: temporarily fixes both of these issues.
