Cannot renew with https only


#1

How can I auto renew my https website when I am using cloudflare with automatic https re-writes & https full (strict) settings enabled? I seem to be only able to renew my certificates if I disable https. Any solution, or should renewal work with https only?

This is when using the build-in webserver (option 2) with certbot certonly -d example.com


#2

Hi @0xC1A551C,

Probably the built-in webserver (with --standalone) is listening on port 80, but CloudFlare never sends you any traffic on that port. Since Let’s Encrypt doesn’t like you choose which port will be used for validation, this is a problem. :slight_smile:

The most straightforward options would be to switch to a different method like --webroot (if you have a directory where you can create static files in order to have them appear on your site) or to use the DNS-01 authentication method instead of the HTTP-01 method. If CloudFlare is also your DNS provider, there’s some CloudFlare DNS API support now available for Certbot for this case.


#3

Thanks for the help, this makes sense.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.