SSL Problems?

Hey, I’m sure this is a common problem or there’s a simple solution to it that I haven’t heard about yet.

I’m using LiquidWeb to run a dedicated server with multiple websites on Cloudflare.

Anyway, I keep getting these emails that say…

====

AutoSSL has successfully renewed the Domain Validated (DV) SSL certificate for “commitmentconnection.com”. The new certificate lacks the following domains that the previous certificate secured:

⛔ webdisk.commitmentconnection.com (checked on Aug 10, 2021 at 8:43:19 PM UTC)

There is no recorded error on the system for “webdisk.commitmentconnection.com”. This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV.

⛔ cpcontacts.commitmentconnection.com (checked on Aug 10, 2021 at 8:43:19 PM UTC)

There is no recorded error on the system for “cpcontacts.commitmentconnection.com”. This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV.

⛔ cpcalendars.commitmentconnection.com (checked on Aug 10, 2021 at 8:43:19 PM UTC)

There is no recorded error on the system for “cpcalendars.commitmentconnection.com”. This might mean that this domain failed DCV (Domain Control Validation) when the system requested the new certificate, but the domain has since passed DCV.

If these domains do not need valid SSL, then you do not need to take any further action. However, if you want AutoSSL to secure these domains, you must resolve the above problems.

The certificate is now active on the website for the following domain names:

NOTE: “⛔” marks domains that the newly-installed certificate does not include or secure. Visitors who access these domain names will see web browser security warnings.

The certificate has the following properties:

Expiration: Monday, November 8, 2021 at 7:43:12 PM UTC
Domain Names: commitmentconnection.com
cpanel.commitmentconnection.com
mail.commitmentconnection.com
webmail.commitmentconnection.com
www.commitmentconnection.com
Subject: commonName webmail.commitmentconnection.com
Issuer: countryName US


organizationName Let’s Encrypt
commonName R3

The certificate’s PEM representation is attached to this message.

Navigate to the “SSL/TLS Manager” interface if you require the private key for this certificate. The key ID for the private key is “bc560_e2921_8c6622dc495a07a0cf3876975c119a62”.

====

I was ignoring them for awhile but apparently it shut down my website yesterday for an hour and the tech said that something switch the site over with the SSL cert. I showed him these emails and he said that because I use cloudflare that I have to remove the proxy once a month and let it renew and then turn it back on.

He said that there’s another way but I’ll need to still turn off the proxy once a year in order for the cert to work.

What are people doing about this? How do I get around this? Am I missing something here?

Thanks,

  • Matt

Hi @matt81,

You do need to make sure there is a valid certificate on the server. Ideally their automatic renewal would work with Cloudflare enabled but if they can’t do that, there’s not a lot you can do.

If they let you install your own certs, you could use a Cloudflare Origin Certificate, which can be valid for up to 15 years but only works when your site is proxied through Cloudflare.

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.