We’ve been having some issues with a CloudFlare SSL certificate and Microsoft Azure’s Front Door service which also has been set to fully strict SSL mode within CloudFlare and a .pfx file has been generated using the private key and origin certificate. that has been supplied by the account admin.
Azure support advises that this due to the certificate having an incomplete chain, They are now insisting on a full certificate chain rather than leaf certificates as that will always ensure SSL connections succeed on all sorts of clients. All the CRIs lately have been due to customers using leaf certificates.
is it possible for CloudFlare to generate a SSL certificate with a full chain?