Validating Let's Encrypt SSL certificate through nameservers

Since May 8th, my hosting provider sends me a daily email saying action is needed to validate my ssl certificate. Through my hosting provider (TransIp.nl btw) I have a Let’s Encrypt ssl certificate. I’m not sure what triggered the email, as I installed Cloudflare on April 14th already, using the free subscription.

The instructions in the email are I have to add a DNS record to my nameservers:
Name
_acme-challenge

Type
CNAME

Value (I guess this is same as Target?)
<string of a-z and 0-9>.transip-validation.com.

I’ve added this to my nameservers in Cloudflare, but I still receive the daily emails that I need to take action to validate my ssl certificate. (I’ve also tried the value without the last dot, but that makes no difference)

The strange thing is also that the email says I need to take action within 20 hours, otherwise validation stops, but I’m still getting the emails every day.

When I access my website (https://www.skeelerenenskaten.nl), I still have a secure connection through a ssl provided by cloudflare.

Would be great if someone could help me out here. Is my site in trouble of going offline at one point? Should I validate the Let’s Encrypt certificate in another way?

If you need more info, please let me know.

Your help is much appreciated, thanks!

Hi @stlars,

It may be that if you pause Cloudflare (overview tab, bottom right) when the certificate needs to renew, it will go through.

There is some information here, but it may not apply to you.

If your site is always proxied through Cloudflare, you could instead set up a Cloudflare Origin Certificate which can be valid for up to 15 years and you wouldn’t need to worry about renewing. This would not be suitable if you ever moved your site off Cloudflare or unproxied it.

1 Like

Thanks @domjh! I’ll check that article and try if it works. Thanks for your advice. I’ll let you know the result.

1 Like

Update: I’ve paused it and haven’t received the ‘action required’ email for over 24 hours. Enabled cloudflare again, so curious what happens next. So far pausing cloudflare worked great for getting the certificate verified. As the site had been running with cloudflare for some time, I expect it to be solved for now. In the future might have to repeat this. Such an easy fix if you know it, ofcourse. Thanks again @domjh!

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.