SSL on my VPS with SSL certificate from CF
How do I automatically renew the certificate issued by CF on my VPS?
Does it even need to be the same?
8 Replies
If it's the edge certificate you're refering to than cloudflare automatically renews those for you. If it's the Origin server certificate you're refering to. The reason cloudflare uses a default of 15 years is exactly that one maybe.. These don't auto renew. However:
If you wish to automate the issuance of Origin Certificates, click the CLI or API links to the right of the Help link to see additional instructions. (Probably possible through API)
It's the Origin server certificate
Oh okay, well, I gotta see how to retrieve those long lasting ones
Cloudflare > Website > SSL/TLS > Origin Server 🙂 Than download the secret key (only visible once, during generation) and public certificate to then import and activate them onto your origin 🙂 I also believe you might need the Cloudflare origin root CA as the intermediate certificate: https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/#cloudflare-origin-ca-root-certificate
Cloudflare Docs
Origin CA certificates | Cloudflare SSL/TLS docs
Origin Certificate Authority (CA) certificates allow you to encrypt traffic between Cloudflare and your origin web server, and reduce origin bandwidth consumption.
Ah, I've already read that page 😄
But thank you, I will try this and might create a new post when something isn't working
Best of luck! 😄
Thanks 👍🏻
you can create a 15 year origin cert or run a cron job that regulary renews your certificate, for that you need your own csr though https://developers.cloudflare.com/api/operations/origin-ca-create-certificate
alternatively if you want a publicly trusted certificate on your vps you can also use certbot, which can handle the renewal for you
Yeah I read this 👍🏻
Thank you ^^