Universal Certificate Seems to be Expired

ssl

#1

Hi Guys,

Our entire domain (across 3 different hosting situations) is reporting:

Your connection is not private
Attackers might be trying to steal your information…

The website is effectively down, and unusable.

Our members cannot access the site.

The browser says the certificate has expired.

CloundFlare’s Crypto tab says Universal SSL is Active and Full.

I’ve toggled on and off the orange cloud.

I’ve cleared cache.

What are other troubleshooting things we can do?

Thanks for your help.

Paul

I’ve filed a support ticket this morning - Request #1538269


Universal SSL certificate expired
#2

The browser says the certificate has expired.


#3

CloundFlare’s Crypto tab says Universal SSL is Active and Full.


#4

Update from Kevin in Support:

Thanks for contacting Cloudflare support. Sorry for all your trouble here. There was an issue with your certificate and we have escalated this to engineering.

I will put this ticket on hold and reopen it as soon as we have updates.

In the meantime to keep your site online, I have two options I recommend. If there is a valid certificate at your origin, I suggest you Pause Cloudflare on the zone until this has provisioned:
How do I temporarily deactivate Cloudflare?

Otherwise you can turn SSL off and traffic will automatically redirect over HTTP.

If there is anything else I can help with or you have any other questions in the meantime please don’t hesitate to get in touch. Again our sincere apologies for all the inconvenience.


#5

Update from Keefe in engineering:

After re-ordering the certificate for your domain, the order is completed and deployed in my test.

This should resolve the issue you’re facing.

I reached back out to hear if there’s a way we could have prevented this situation.


#6

One of our hosting platform providers suggested:

create a new cloudflare account and set up the domain there (same domain would work, the one that will actually be active depends on the nameservers you would use for the domain). This would be using a different certificate.

So two CloudFlare accounts…

We didn’t have to use this idea. Just sharing 'cause incase it helps someone else.


#7

Here’s an update from engineering:

Unfortunately there was not much we could do to get it resolved any quicker than the way we did by getting our engineering team to investigate. I’m confident this is a a rare occurrence and should not happen again but if it does there was a workaround available to resolve it, you could have used our dedicated SSL certificates during this incident – Cloudflare Dedicated Certificates. They do come at an extra cost or $5 or $10 dollar a month…

Wish I’d of thought of that yesterday. :slight_smile:


#8

Yeah, but I see 2 issues here:

  1. The second account wont work for long, since after a bit of time the domain is deleted if not used.
  2. Even if you set it up it will take time to propagate the changes, defeating some of the purpose.

#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.