Using My Own SSL With Cloudflare: Need Advice

I have some questions related to using our own SSL certs + Cloudflare for our clients.

Many of our clients are using WHM with the autoSSL feature. In normal circumstances without Cloudflare, every 3 months the SSL certs will automatically renew without issue. The challenge though is that when we add Cloudflare to a client’s website, then the certificates don’t auto renew / install and we have to do them manually.

The work around I have been using is:

  1. Add SSL expiration date to calendar.
  2. On that date (or just before preferably), I login to client’s CF account and temporarily pause CF for their website.
  3. I then go into the client’s server about 10 minutes later, run the autoSSL renewal, and its done.
  4. Go back into CF and reactivate CF for that website.

This has become very time consuming and was wondering what other methods would you suggest, or some tool I am missing within CF to avoid the need for this?

Thanks everyone in advance for your advice.

It definitely sounds like way too much work when compared to the alternatives. If the site traffic will always be proxied through Cloudflare, using a Cloudflare Origin certificate would be a far less demanding option.

If you prefer to have a certificate that will validate even with the Cloudflare proxy disabled, you can turn off the global Always Use HTTPS option for the site and create a Page Rule that sets SSL to Off for the relevant *example.com/.well-known/ path used by AutoSSL.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.