Pending validation for certificate

Edit: I’ve backed out my DNS settings that pointed to Cloudflare and am not currently using Cloudflare. I’ve left the posts though, in case anyone else runs into the same thing I did.

----- Original Post -----

I’m stuck on Pending Validation for the Universal SSL Edge Certificate for several days.

Cloudflare tells me that I haven’t set my name servers, but I have set the NS records to:

brad.ns.cloudflare.com
elinore.ns.cloudflare.com

My site is at divmino.x10host.com. I can’t change x10host.com as that is the domain for the hosting service, not my own site. I can and have changed the NS records for divmino.x10host.com through DirectAdmin at x10hosting.com. This can be seen when looking for NS records on DNS propagation checker sites.

I opened request 1818411, but have only gotten a bot response about the name servers.

I’ve tried turning off and on the Universal SSL certificate setting just to see if that would kick off the certificate creation, but after several days it has not.

Any ideas?

1 Like

Hi @gitdivmino,

If your website is on a subdomain of x10host.com, you can’t add the subdomain to Cloudflare. You could only add the whole of x10host.com (which I presume you don’t control), unless you were to use a partner/CNAME setup.

Are you sure? I don’t understand why not, because all the http (non-SSL) traffic is working just fine.

Cloudflare has cached it and the browser is showing the content from Cloudflare when using either www.divmino.x10host.com or divmino.x10host.com.

It seems to me that this is just some kind of bug in issuing the certificate.

I see this in Chrome:

Request URL: http://divmino.x10host.com/
Request Method: GET
Status Code: 304 Not Modified
Remote Address: 104.24.108.174:80
Referrer Policy: no-referrer-when-downgrade

Request URL: http://www.divmino.x10host.com/
Request Method: GET
Status Code: 304 Not Modified
Remote Address: 104.24.109.174:80
Referrer Policy: strict-origin-when-cross-origin

Those are Cloudflare addresses.

Hmm… You can’t normally add a subdomain. Did you enable it through X10, or directly with Cloudflare?

Can you post a screenshot of the overview page in Cloudflare for that domain.

1 Like

Here’s the overview page at Cloudflare:

Here’s the DNS page at Cloudflare:

Here’s the DNS page at x10hosting.com:

Thanks!

I forgot to answer the first question. I enabled it directly in Cloudflare and changed the DNS settings per Cloudflare’s instructions.

Haven’t seen that before! You could try disabling and re-enabling Universal SSL and other tips in Community Tip - Best Practices For Certificate Provisioning

1 Like

I already did all that stuff.

Oh gee. I see it right there:

  1. Cloudflare’s Universal SSL certificates only cover example.com and .example.com . It won’t cover www.subdomain.example.com . If you need a deeper subdomain with HTTPS, such as www.subdomain.example.com , then you’ll need the Dedicated Certificate with Custom Hostnames option.

I don’t understand why that is though.

I did consider that for the issue, but this is an unusual setup that I haven’t seen before and I am not really sure how SSL works in that case!

I suspect the bot possibly got confused with the setup, as I did! If you reply to that auto-response, you should get through to an engineer.

1 Like

Thanks! I did reply to the bot and sent them a screen shot of the DNS settings from x10hosting.com.

I’m trying to go all free here and not to have to purchase a domain since I’m not going to do all that much with the site.

1 Like

Edit: Okay, don’t follow these directions. This had worked for me and I had a valid SSL certificate, but now my site is broken with an invalid SSL certificate and I can’t access SSL settings anymore. My site is now locked to redirect to SSL (the checkbox to disable this is gone) and is completely broken.

Guess I got caught up in between some changes made at x10hosting.

---- Original Post ----

I was trying to use Cloudflare as a workaround for a lack of SSL certificates at x10hosting for my account type. The community at x10hosting had said that that SSL certificates weren’t available for the free accounts, but I found them buried in DirectAdmin. x10hosting recently switched from cPanel to DirectAdmin.

If you are trying to find SSL in x10hosting for the free account, you currently won’t find it in any of the menus, but you can just type SSL in the search bar under Account Manager. That’ll create a drop down with an item called SSL Certificates. Choose this item and then you can create an auto renewing Let’s Encrypt certificate.

I’ve deleted my site from Cloudflare and reset my DNS settings at x10hosting so that I can use SSL. I’ve also closed my ticket since @domjh kindly pointed me to the documentation that says Cloudflare doesn’t support sub domains.

I’m still confused as to why Cloudflare doesn’t support this, but I’ve got to get my site up.

That’s two of us, then! Normally you can only add domains to Cloudflare, not subdomains as yours is. I wonder if this is expected and just an unusual setup that I haven’t seen before, or if it’s not intended and that’s what’s breaking things! Really, support are the only people who can clarify that!

1 Like

Sorry, I meant to reply to myself in case anybody wandered into this post and started replying that my DNS wasn’t set up to point to Cloudflare. I’ve backed out the Cloudflare stuff for now. I probably should put a note in the first post so people don’t waste their time.

Thanks again, take care.

1 Like

No problem, please just let us know if you decide to try again and have any questions!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.