Missing Universal SSL certificate

I have a missing Universal SSL certificate on one of the domains on my account.

I have tried the “trick” of clicking “Disable Universal SSL” and then coming back after ten minutes and re-enabling it again. I actually did that on another domain a few weeks ago and it worked. But this time, no luck. I have tried it a couple of times this week but still there is nothing listed under “Edge Certificates” on the SSL/TLS app.

I have a lot of other domains on this account and I think most of them have a free SSL certificate, even if it is not used. As far as I know, there’s nothing different or special about this domain. I think it was set up in the same way - a standard CNAME set-up. In all other respects, it works fine.

Any ideas, anyone?

On the SSL/TLS app of the Dashboard, what does it say in the first panel beside “Universal SSL Status”?

On the last tab of the same tab, what does the button say in the “Disable Universal SSL” panel?

Can you share the host name that is missing a Universal SSL cert?

Thanks for replying.

For most of the domains on my account, including this one, the words “Universal SSL Status” appear for a second and then are replaced with something like (in this case) “This setting was last changed 4 days ago”.

Some of them are different - on some domains, the words “Universal SSL Status” stay on the screen and after a second the words “Active Certificate” appear.

However, I should point out that there are domains which definitely do have an active certificate but this active status message doesn’t appear.

Is this a known bug or other aberration?

The button says “Disable Universal SSL” because I have already disabled and then re-enabled it.

When you say host, do you just mean the domain name? It is speakersco.co.uk.

Thank you again.

The domain you listed (speakersco) is not using Cloudflare.

@jon26, are you using Cloudflare via a partner/partial setup (That’s where you don’t change your name servers)? You are not getting a notification of active certificate on your dashboard and it may be worth contacting the partner to see if they can assist.

Edit - I see the certificate on your origin server and your ssl setting. Perhaps on the SSL/TLS app, disable universal ssl, wait 5 minutes and then re-enable universal ssl? If you get a message on the first panel of the SSL/TLS app like @michael referenced that reads “Active Certificate” then change your ssl setting on that panel from Flexible to Full (Strict).

My hosting provider has verified that there’s nothing wrong with the Cloudflare set-up at the server end to the best of their knowledge.

They found this post which recommends deactivating Cloudflare on the domain for 24 hours and then enabling it again, so I am giving that a try.

Thank you to the people who have responded to my cry for help!

@sdayman Why did you say speakersco.co.uk is not using Cloudflare? I have just now temporarily removed the domain from Cloudflare (see above) but prior to that, when you left your reply, I assure you it was using Cloudflare. But perhaps you spotted something useful that made it look like it wasn’t…?

When I checked, it was not using Cloudflare’s name servers. When I issued a ‘curl’ command to that hostname, it did not hit a Cloudflare server, nor have any Cloudflare HTTP response headers.

These are the commands I issued at that time:

Thanks, @sdayman - you are right - none of my domains use the Cloudflare name servers. They are all set up using CNAME.

Regardless of name servers and CNAMEs, the server responding to that hostname was not Cloudflare.

So…are the CNAMEs pointing to someone who is on Cloudflare? What I saw did not indicate as such.

And now I’m getting dizzy:
speakersco has an IP address (not Cloudflare).
But it forwards to www. And that’s a CNAME to Cloudflare. Which is a CNAME to a subdomain at speakersco. And that’s a CNAME for speakersco.

I’m not entirely sure how this is actually functional.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.