Universal SSL functionality is not working on my domain, and the edge certificate page shows ‘No certificate’.
What steps have you taken to resolve the issue?
I’ve attempted to toggle the “Universal SSL” switch multiple times, and before posting this thread, I followed the standard procedure outlined in the official guidelines: disabling it for 5 minutes, then re-enabling it and waiting for 15 minutes. However, it still hasn’t taken effect. I also suspected that having too many subdomains might be the issue, so I deleted all domains except for one test record. Unfortunately, even for this remaining test record, the SSL certificate hasn’t been applied to its subdomains. Additionally, I’ve tried toggling other SSL-related settings, including “Always Use HTTPS,” “TLS 1.3,” “Automatic HTTPS Rewrites,” “Certificate Transparency Monitoring,” and adjusting the “SSL/TLS Encryption Mode,” but none of these changes seem to have any effect.
Was the site working with SSL prior to adding it to Cloudflare?
baiyun.work. 172800 IN NS f1g1ns2.dnspod.net.
baiyun.work. 172800 IN NS f1g1ns1.dnspod.net.
;; Received 94 bytes from 2001:dcd:2::10#53(b.nic.work) in 32 ms
Hello, I’m glad you’re participating in my discussion. I noticed that you checked the NS records for my domain. Yes, my domain doesn’t have NS records set to Cloudflare because I connected through the Cloudflare Partner program. This method allows me to set NS records to non-Cloudflare values and use Cloudflare by adding CNAME records pointing to hostname.cdn.cloudflare.net. For additional information, please refer to the screenshot below.
Oh, thank you very much for your suggestion. I find it helpful! I will try to reach out to them and seek assistance in resolving the issue. Thank you so much for your response!
I saw in other posts with similar issues that switching the SSL mode to strict is important, so I did that, but unfortunately, it didn’t work. Additionally, I discovered something new: if I disable Universal SSL and then re-enable it within a few seconds, and refresh the “Edge Certificates” page within a few seconds after re-enabling, the page will show some previously applied certificates (status “Deleted”, which should be expired certificates) and a few records in “Initializing” mode (seemingly trying to apply for certificates, as you can see in my screenshot below), instead of showing “No certificates”. However, if I refresh the page again, or if I fail to refresh the page within a few seconds after re-enabling Universal SSL, the page will directly show “No certificates”. Yes, it doesn’t show the previous certificates, nor does it try to apply for new certificates.
