2012 - 2023 Eleven Years of Excellence

Fix cPanel AutoSSL Errors Under Cloudflare Proxy

Facebook
Twitter
LinkedIn
Fix cPanel AutoSSL Errors Under Cloudflare Proxy

In this article, we will discuss Fix cPanel AutoSSL Errors Under Cloudflare Proxy.

The reason is that AutoSSL renewal fails when using Cloudflare, the Cloudflare proxy hides your website’s IP from the Internet.
This is great for keeping your website secure, but when you try to renew your encrypted SSL certificates, the cPanel tool will check which IP address your domain resolves to. It only renews it if it resolves to an address on the cPanel server. However, under Cloudflare, the domain name will resolve to a Cloudflare IP address, so AutoSSL renewal fails.

Unfortunately, there is no way to use AutoSLL with cPanel or encrypt SSL certificates under a Cloudflare proxy. Sooner or later, the renewal will fail. And you can’t stop proxies every three months for every website you have. Instead, the best solution is to use a Cloudflare certificate of origin that is valid for 15 years. This is a permanent solution to the problem. And you can enable full (Strict) encryption mode for your website.

How to Install a Cloudflare Origin Certificate on cPanel

To permanently stop worrying about renewing AutoSSL, here’s how to install a Cloudflare origin certificate.

Step 1: Create a Certificate on the Cloudflare SSL/TLS Tab

  1. First, go to your Cloudflare dashboard and click the “SSL/TLS” tab. And then click the “Origin Server” sub-tab and press “Create Certificate” as shown here:
  1. Set “Generate a private key and CSR with Cloudflare” and “Private key type” to “RSA (2048)“.
  2. Then set “Certificate Validity” to “15 years” (This step should be done by default.). Then, click “Create”.
  1. Now, you will see your “Origin Certificate” and “Private Key”. Copy each of these and save them in two separate text files on your local device. In particular, save the private key in a place where no one else can access it. This key can be used to decrypt communications between your web hosting server and Cloudflare. So keep it safe!

Here, the “Origin Certificate” will be something like this:

				
					-----BEGIN CERTIFICATE-----
........
........
........
-----END CERTIFICATE-----
				
			

And, “Private Key” will be something like:

				
					-----BEGIN PRIVATE KEY-----
........
........
........
-----END PRIVATE KEY-----
				
			

Step 2: Install the Cloudflare Origin Certificate in cPanel

  1. log into your cPanel dashboard and go to the “SSL/TLS” section.
  2. Click on the Certificates section where you can Generate, view, upload, or delete SSL certificates from your server:
  1. On the Certificates screen, scroll down to the “Upload a New Certificate” section. In the box provided below, paste the code (not the private key) for your certificate into the text area.
  2. Cloudflare instantly populates the bottom with a certificate of origin after you paste the certificate code. Ensure the details are correct and save the certificate. 

Step 3: Check to See that the Certificate is Added in cPanel

  1. After saving the certificate, scroll up to see if it has been added to the list. You can see here that the list of SSL certificates now includes the ones from Cloudflare that are uploaded. Now click “Install”.
  1. Paste the private key you obtained in the first step to the input field, then click “Install Certificate”:

Step 3: Check to See that the Certificate is Added in cPanel

  1. For maximum security, go back to the Cloudflare SSL/TLS section and enable the last box that gives you full (strong) security when using Cloudflare:
Editor

Editor

Leave a Replay

Sign up for our Newsletter

Agency Hosting - Singapore Datacenter ( SSD )
Select your billing cycle
1 Year

LKR 12,000/-

You save: LKR 3,000.00

Renew at LKR 15,000.00/Y

2 Years

LKR 24,000/-

You save: LKR 6,000.00

Renew at LKR 15,000.00/Y

3 Years

LKR 36,000/-

You save: LKR 9,000.00

Renew at LKR 15,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.
Premium Hosting - Singapore Datacenter ( SSD )
Select your billing cycle
1 Year

LKR 10,800/-

You save: LKR 1,200.00

Renew at LKR 12,000.00/Y

2 Year

LKR 21,600/-

You save: LKR 2,400.00

Renew at LKR 12,000.00/Y

3 Year

LKR 32,400/-

You save: LKR 3,600.00

Renew at LKR 12,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.
Single Hosting - Singapore Datacenter ( SSD )
Select your billing cycle
1 Year

LKR 7,200/-

You save: LKR 800.00

Renew at LKR 8,000.00/Y

2 Years

LKR 14,400/-

You save: LKR 1,600.00

Renew at LKR 8,000.00/Y

3 Years

LKR 21,600/-

You save: LKR 2,400.00

Renew at LKR 8,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.
Agency Hosting - Germany Datacenter ( NVMe )
Select your billing cycle
1 Year

LKR 12,000/-

You save: LKR 3,000.00

Renew at LKR 15,000.00/Y

2 Years

LKR 24,000/-

You save: LKR 6,000.00

Renew at LKR 15,000.00/Y

3 Years

LKR 36,000/-

You save: LKR 9,000.00

Renew at LKR 15,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.
Premium Hosting - Germany Datacenter ( NVMe )
Select your billing cycle
1 Year

LKR 10,800/-

You save: LKR 1,200.00

Renew at LKR 12,000.00/Y

2 Year

LKR 21,600/-

You save: LKR 2,400.00

Renew at LKR 12,000.00/Y

3 Year

LKR 32,400/-

You save: LKR 3,600.00

Renew at LKR 12,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.
Single Hosting - Germany Datacenter ( NVMe )
Select your billing cycle
1 Year

LKR 7,200/-

You save: LKR 800.00

Renew at LKR 8,000.00/Y

2 Years

LKR 14,400/-

You save: LKR 1,600.00

Renew at LKR 8,000.00/Y

3 Years

LKR 21,600/-

You save: LKR 2,400.00

Renew at LKR 8,000.00/Y

If you’re not 100% satisfied with LankaHostMaster, we’ll refund your payment. No hassle, no risk.

What is NVMe

NVMe can deliver a sustained read-write speed of 2000MB per second, way faster than the SATA SSD III, which limits at 600MB per second.

NVMe can deliver a sustained read-write speed of 2000MB per second