SSL on my VPS with SSL certificate from CF

How do I automatically renew the certificate issued by CF on my VPS? Does it even need to be the same?
8 Replies
MDev
MDev2mo ago
If it's the edge certificate you're refering to than cloudflare automatically renews those for you. If it's the Origin server certificate you're refering to. The reason cloudflare uses a default of 15 years is exactly that one maybe.. These don't auto renew. However: If you wish to automate the issuance of Origin Certificates, click the CLI or API links to the right of the Help link to see additional instructions. (Probably possible through API)
LukeZ
LukeZOP2mo ago
It's the Origin server certificate Oh okay, well, I gotta see how to retrieve those long lasting ones
MDev
MDev2mo ago
Cloudflare > Website > SSL/TLS > Origin Server 🙂 Than download the secret key (only visible once, during generation) and public certificate to then import and activate them onto your origin 🙂 I also believe you might need the Cloudflare origin root CA as the intermediate certificate: https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/#cloudflare-origin-ca-root-certificate
Cloudflare Docs
Origin CA certificates | Cloudflare SSL/TLS docs
Origin Certificate Authority (CA) certificates allow you to encrypt traffic between Cloudflare and your origin web server, and reduce origin bandwidth consumption.
LukeZ
LukeZOP2mo ago
Ah, I've already read that page 😄 But thank you, I will try this and might create a new post when something isn't working
MDev
MDev2mo ago
Best of luck! 😄
LukeZ
LukeZOP2mo ago
Thanks 👍🏻
Idle
Idle2mo ago
you can create a 15 year origin cert or run a cron job that regulary renews your certificate, for that you need your own csr though https://developers.cloudflare.com/api/operations/origin-ca-create-certificate alternatively if you want a publicly trusted certificate on your vps you can also use certbot, which can handle the renewal for you
LukeZ
LukeZOP2mo ago
Yeah I read this 👍🏻 Thank you ^^
Want results from more Discord servers?
Add your server