SSL Edge Cert - Can i Delete it and error 1214 when uploading new!

Hi - can anyone advise if we must have an Edge cert within Cloudflare?

we have websites in Azure however it seems as though CF has sucked them in as Edge certs and now we’re having to upload to CF which is failing with code 1214 failed to parse private key.

My question is what would happen if i simply delete the old cert? Will CF suck in the new one or must it be manually uploaded each time? With time of SSL certs becoming shorter and having to renew each year - i can see this becoming a pain especially as you have to play around with OpenSSL etc.

Is this a Business or Enterprise plan? I’m not aware of Cloudflare ever importing an Edge certificate. I’m pretty sure that’s impossible because the private key should not be readable by anybody outside the server.

thanks - we’re on a business plan, the thing is no one recalls uploading certs to CF last year when we renewed with Globalsign so its really strange how we’ve had to do it this there. Issue resolved with the Error1214, we didnt remove the PEM password.

Any ideas if you can have full end to end encryption without having to upload the certs to CF?

You certainly can. I don’t upload certs to my Biz plans because it’s a bit of a hassle. I just use the default “Universal SSL” certs provided by Cloudflare. Just make sure you have SSL set to Full (Strict) and Edge Certs shows as Active. The bottom of the Edge Certs page has a Enable/Disable toggle for Universal SSL.

Thats great! and i can see our org has universal ssl enabled - but we have custom certs uploaded too…i take it that or we simply do it remove the certs and the Universal SSL will kick in after that by itself or would be click on the ‘order advanced cert’ button?

I’d remove those uploaded certs. There should be a Universal cert showing as well that will take over once the custom cert is removed.

ah yes i can see that universal one which states active - we’ll give i a try out of hours, many thanks for your help!

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.