Skip to main content

AutoSSL & Cloudflare - What's the Deal?

Comments

5 comments

  • cPRex Jurassic Moderator
    Hey hey! That all sounds right to me - you'd have to either change the SSL plan, or disable the redirection as AutoSSL doesn't support any type of redirection in order for it to verify the cert properly. The common name field issue is known as well, but with the way the certificates are issued there isn't really a good way around it.
    0
  • vatra
    So we're talking about HTTPS redirection defined anywhere: Edge or Origin (Apache Includes, WHM, cPanel, .htaccess, website scripts)? Any redirection would interfere with AutoSSL's issuing and renewing? Don't forget that AutoSSL's DV process depends on DNS resolving to the server's IP address, so proxying of any kind is also a no-no.
    0
  • If Cloufflare, Then Disable AutoSSL. Save.
    0
  • vatra
    The fact that AutoSSL won't issue/renew SSL if you have an HTTP to HTTPS redirect is a serious problem. Isn't this a bad practice on multiple levels to let people access your site through both?
    0
  • vatra
    I'm giving up on AutoSSL for now in favor of Cloudflare Origin certificates. These are the reasons:
    • Incompatible with HTTP to HTTPS redirect
    • Incompatible with Cloudflare proxy
    • CN and wildcard domain stew
    0

Please sign in to leave a comment.