Hi,

We have disabled Universal SSL Certificates for some of our domains a few months ago. At the same time we have enabled Certificate Transparency Monitoring and we can see that there is still being created universal SSL certificates for these domains.

Why are our domains still included in the universal certificates ?

How did you disable it?

Whats the domain?

I disabled under the Disable Universal SSL section under SSL/TLS -> Edge Certificates in the dash.
The domains are dccenergi.dk and nemfyringsolie.dk

That should be the right place (assuming you mean the disable button at the bottom of the page).
When exactly did you disable it?

The last certificate was issued for the former domain on September 9th, for the latter on August 11th.

I am not 100% sure of the date, but it was mid august.
I received a certificate transparency notice yesterday for at universal certificate that includes both domains:

Log date: 2019-09-25 22:31:20 UTC
Issuer: CN=COMODO ECC Domain Validation Secure Server CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Validity: 2019-05-24 00:00:00 UTC - 2019-11-30 23:59:59 UTC
DNS Names: ssl378479.cloudflaressl.com, …

Hmm, I couldnt find any issued certificates for ssl378479.cloudflaressl.com in September.

The last one was two weeks ago - https://crt.sh/?id=1946170033 - but does not seem to include your domains.

If you disabled it mid August, I wouldnt have expected that certificate request for your first domain in September. You might want to clarify this with support.

This topic was automatically closed after 30 days. New replies are no longer allowed.