I have Wordpress site, and set up free Let’s Encrypt certificate from hosting.
Site has been working for 1.5 years, all this time Let’s Encrypt certificate has been re-issuing and applying automatically every 3 month.
I set up Cloudflare free account and few days ago got this message from my hosting:
“Error reissuing Let’s Encrypt free certificate
Unfortunately, there was an error when issuing your free Let’s Encrypt certificate.
To try again, you will need to point the A-entries to the following domains:
18.104.22.168 for techbear.ru.
Certificate will expire 29.08.2019. In case it will not be reissued, HTTPS connection to the domains will not be accessible.”
This is my settings on DNS page,
And Crypto page:
(sorry, new users can post only 1 picture)
The issue here is that when you add Cloudflare, their IP addresses show, not the IP of your server. Ideally, your host may be able to offer some alternative way to get the certificate issues, like DNS validation.
Alternatively, you may have to switch from to while the cert renews.
I found out thats true.
Hosting recommended me to stop using Lets Encrypt certificate, and start using Cloudflare SSL certificate instead.
Switching orange cloud to grey cloud means doing it constantly every 3 month during certificate re-issuances.
Could you suggest me please how to order SSL certificate on Cloudflare correctly?
Is this right:
SSL/TLS - SSL - Flexible.
After issuinf certificate check the checkbox SSL/TLS - Always Use HTTPS is on.
Finally I understand how it works.
The thing is my website is on shared hosting, and hosting company probably wont install CF certificate on server.
So I have only the last option left, which is Flexible.