About two months ago, I successfully installed certificate signed by Cloudflare on my origin server according to the instructions Managing Cloudflare Origin CA certificates (step 1-3)
About two days after installation, and satisfied with myself, I watched a green lock in the address bar, confirming the encrypted connection via https
Everything was fine, but one day Site opens with an SSL certificate warning (There is no trust in this root certificate of a certification authority because it was not found in the store of trusted root certificates of certification authorities)
Delete existing certificate from Cloudflare (Edge Certificates & Origin Certificates) and from cPanel → security → SSL / TLS and then create a new one Edge Certificates & Origin Certificates -
a) through Cloudflare with the registration of the certificate (CRT) and private key in the cPanel section → Install a site with SSL encryption
b) through a request for signing an SSL certificate in the corresponding cPanel section, receiving using the received encrypted CSR certificate and installing it in cPanel
Three days of work in search of a problem did not lead me to a solution and I do not see a solution to the problem…
I would be grateful for any help and advice!
Cloudflare Origin Certificates only work when a site is proxied through Cloudflare. Looking at yours, you appear to either have Cloudflare paused or your DNS records set to , the origin cert will therefore not work.
Use their development site. The regular site is still having issues with Cloudflare certs. I’m surprised you could even see any information. My own sites say Failed to obtain certificate and stop there even if I instruct Qualys to ignore the domain mismatch by clicking on Click here to ignore the mismatch and proceed with the tests.
Edit: Question - Why the Let’s Encrypt cert from cpanel?