Zero Trust's DoH certificate will expire in 2 days
When I inspect the certificate used by https://REDACTED.cloudflare-gateway.com/dns-query (a Zero Trust Gateway DNS over HTTPS address) I see that it will expire in 2 days. I first noticed this issue on Friday. I am escalating this issue because the expiration date is now getting uncomfortably close.
Certificate Common Name: cloudflare-gateway.com
Certificate Thumbprint: 2A556E6EB9FD1082E726768734E0E6C778651566
Note that sometimes I get a newer certificate and sometimes I get this certificate that is about to expire.
4 Replies
I've had monitoring pointed at my DoH address for over 2 years. This is the first time I've seen a certificate within 7 days of expiration, so it seems highly unusual.
I'm not relying on the certificate thumbprint. Just relaying that information in case it helped with troubleshooting.
If there is no reason to worry, that's great. I'll just adjust my alerting threshold.
hm yea I get served one expiring in December
looks like they renewed 2 today as well: https://crt.sh/?q=cloudflare-gateway.com
crt.sh | cloudflare-gateway.com
Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)
oh, it looks like the one you're looking at is expiring on the 17th, and same issuer/wildcard as the two they renewed today, interesting