Hi there,

I am trying to add a Let’s Encrypt SSL certificate to my site through cPanel as WHMCS/PayPal doesn’t seem to like my Cloudflare SSL. However, I am unable to issue a certificate through LE due to an AAAA record for

Please could you remove this record,


These are different issues you are talking about here.

For starters, you will need a certificate on your server anyhow, if you don’t have that your site is still insecure.

Second, if PayPal doesn’t “like” the proxy certificate, that won’t change with you rolling out a server certificate. You’d need to unproxy for that.

Third, you can disable IPv6 only on paid plans and only via the API, Cloudflare API v4 Documentation

Thanks for the response - I will try without proxying

You do have an Origin certificate, and if your encryption mode is “Full strict” you should be good. Don’t change the certificate.

Thing is, your naked domain is not proxied. Try proxying it and then the connections should be fine.

What you meant by “does not like” was most likely that you tried to connect via the naked domain with the Origin certificate and that one won’t be trusted by PayPal. Make sure your records are proxied in that case.

If not, change it to “Full strict”.

I have been tweaking things. It was proxied previously, but I have set it unproxied to see if that was stopping the LE SSL certificate from being applied.

I will test without proxying

Without proxying won’t work as you have an Origin certificate which is only trusted by Cloudflare.

Do you have a reason for Let’s Encrypt? Otherwise keep the Origin certificate and make sure you are proxied. Not because LE is not good, but Origin certificates are easier to manage.

Ahh okay, makes sense with the Proxying and SSL.

Only reason I wanted to try LE was because PayPal through WHMCS thought it wasn’t using an SSL certificate

That was for the aforementioned reason. On the proxies you have a “proper” certificate and that should work just fine for PayPal.

What I’d do

  1. Check if you are on “Full strict” and if not set it.
  2. Make sure your records are proxied.
  3. Try PayPal again :slight_smile:

You might have to wait a bit for DNS to propagate, though shouldn’t be longer than an hour or so.

It’s propagated and I am still getting PayPal security errors

Ahh… I believe I have found the culprit. Nothing to do with Cloudflare or SSL… the WHMCS system URL was http://*

So, my idiocy! Thank you for assisting regardless!

No worries, that would have been my next suggestion based on the error message :slight_smile:

Just to stress it one more time, make sure Full Strict is selected as that’s important.

Enabled and working well for all sub-domains too

Thanks again, you are an asset to the Cloudflare Community!

Great, then you should be good to go :slight_smile:

My pleasure :bowing_man:

