SSL turns off after a couple of days


#1

Hi there,
I don’t have SSL enabled on my sites (I have three on CF), instead opting to use Flexible. However, after a couple of days the orange cloud goes grey and I have to go to the DNS setting for each site and re-click on the cloud to turn it orange again.

For each site I have

both pointing to the same IP address.

Under the Crypto section it says ‘Universal SSL Status: Active’ and then ‘last changed 3 months ago’.

Can anyone give me a pointer as to what I’m doing wrong? Should I just set up an SSL certificate on my NGINX server and do it that way instead?

Thanks in advance


#2

The cloud should never go grey on its own - you should make sure your API key isn’t compromised by

  1. go to https://dash.cloudflare.com/profile
  2. Scroll down to API Keys and click “Change” on the “Global API key” field
  3. enter password and make sure the API key change worked

It turning grey might be the cause of some DDNS client changing it, or in the worst case an attacker doing it.

Also try going to your dashboard and clicking “audit log” this will show what happens to the domain and the origin of the action.


#3

Hi @tcorballis, that is not normal behavior and I don’t know how an origin certificate will change this. If it’s happened often (1 time is too many), you should let support AT cloudflare DOT com know.

I’d suggest you login to cloudflare, from the upper right, select My Profile, page down to API Keys and click change on your keys. If you’ve shared the keys with anyone, you’ll need to let them know you’ve changed it. If not, then this is just a good precaution to ensure your key is secure.