I received an email from cloudflare, informing that my website is able to use this new automatic SSL/TLS mode. my question is suppose it determined that I can use full (strict mode), what if my ssl certificate on the origin server got expired, would it change automatically to full (not strict) mode as well? or does it run on a schedule? can we change this schedule?
You can refer to our blog post below. It seems that, based on my test account and checking the API, as of today, you can’t change the scanning schedule.
Hi there,
Thanks for your questions, we’ll update the documentation accordingly.
Automatic SSL/TLS will never change the setting to a less secure option.
So in the case you’re mentioning, it will not change to Full if your certificate expires.
You’ll need to make sure your origin certificate is valid at all time.