Let's SSL Validation Failing Due to CNAME Flattening

I am managing my Server via RunCloud (RC) and managing my DNS via Cloudflare.

I am using the CloudFront CDN (AWS) for full-page caching of my website. To do this, I am using CNAME Flattening in Cloudflare and pointing my root domain to the CloudFront CDN address.

This is all working perfectly, but Let's SSL is failing to validate my domain at the time of automatic renewal. I asked the RC guys for support and they told me I have to point my root domain to the server IP address, which I can’t because the CDN will not work.

So my question is: is there any way to allow Let's SSL to validate my domain without losing the full-page caching functionality? I mean, so that I can keep the CNAME Flattening and can validate my domain.

Hi there,

If RunCloud have specific requirements that your root/apex hostname resolves to their IP in order to issue a certificate, then unfortunately there is nothing that can be done on the Cloudflare side.

You would need to speak to RunCloud to ask if there is any other way they offer to do this validation that does not require DNS resolving to their IP. Perhaps they support TXT record or Email validation as an alternative.

regards,


Hi Damian,
Thanks for the reply.
I will talk to the RC team and will update here.

Regards,

Ok.
I had a conversation with them and they don’t have any other method to validate the domain name.
I will have to find some other solution.

I use RunCloud, but use the Cloudflare API key for their Let’s Encrypt validation process. But most of the time, I use Cloudflare’s Origin CA cert.

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

I’m just sure what RunCloud really has to do with this:

