Certificate Renewal through a Cloudflare Proxy

Hello,
We're hosting a website built in Webflow on Cloudflare. We have seen the site go down when the SSL certificate is renewed. We fix it by turning off Proxy Status of that DNS record temporarily. However, now we see an SSL Handshake error for the root domain on a site and that same step isn't fixing it. Is it possible that the proxy-ssl.webflow.com certificate we're using is incompatible with Cloudflare? We would leave the CNAME record as DNS only permanently but it conflicts with other security features.

Is it possible that the proxy-ssl.webflow.com certificate we're using is incompatible with Cloudflare?

I've never used webflow, but I doubt that is possible. By default, Cloudflare does not care about the validity of origin/source certificates – they can be expired, revoked, mismatched, etc – unless you specifically tell Cloudflare to do otherwise, they will grab the origin content and upgrade it to their own SSL.

Most likely your host is incompatible with Cloudflare and is breaking something when renewal happens. Webflows' own hosting, which I assume you're using, is incompatible. See Connecting a custom domain | Cloudflare - Webflow University Documentation

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.