Validate Let’s Encrypt certificates on Cloudflare-enabled websites

In this quick tutorial, I will describe a method to auto-renew / validate Let’s Encrypt certificates on Cloudflare-enabled websites.

As you may know, if you use Cloudflare for DNS/CDN purposes, several server ports are not accessible for Let’s Encrypt to validate the certificate request. In this case, we need to use the Webroot method, as described in the Let’s Encrypt documentation: https://letsencrypt.readthedocs.io/en/latest/using.html#webroot

In short, the steps are as follows:

  • To auto-renew, create a crontab entry that runs the following command:
    certbot renew --webroot --webroot-path /YOUR_ROOT_PUBLIC_WEB_PATH/ --renew-by-default --agree-tos --quiet
  • Run it manually first and, if it works, set up the cron job above. Remember that you will need to restart the web server so that the new certificate files take effect:
    service nginx restart
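
As an added example (not part of the original post), the wrapper below is one way to run the renewal from cron: it checks that the webroot challenge directory is usable, runs `certbot renew --webroot`, and restarts nginx only when a certificate file actually changed. The `CERTBOT`, `RELOAD_CMD` and `LIVE_DIR` variables and the function names are assumptions of this sketch, and `--renew-by-default` is left out so that certbot renews only certificates close to expiry.

```shell
#!/bin/sh
# Added example, not from the original post. CERTBOT, RELOAD_CMD and LIVE_DIR
# are names assumed by this sketch; override them to match your system.
CERTBOT="${CERTBOT:-certbot}"
RELOAD_CMD="${RELOAD_CMD:-service nginx restart}"
LIVE_DIR="${LIVE_DIR:-/etc/letsencrypt/live}"   # certbot's default live directory

# Checksum every fullchain.pem so a renewal can be detected by comparison.
cert_fingerprint() {
    find "$LIVE_DIR" -name fullchain.pem -exec cksum {} + 2>/dev/null | sort
}

# certbot writes the challenge file below the webroot; fail early if that
# directory is missing or cannot be created and written to.
check_webroot() {
    [ -d "$1" ] || { echo "webroot $1 not found" >&2; return 1; }
    mkdir -p "$1/.well-known/acme-challenge" || return 1
    [ -w "$1/.well-known/acme-challenge" ]
}

# Renew via the webroot method, then restart the web server only if a
# certificate changed. Prints "reloaded" or "unchanged".
renew_and_reload() {
    webroot="$1"
    check_webroot "$webroot" || return 1
    before=$(cert_fingerprint)
    # --renew-by-default (alias of --force-renewal) is omitted on purpose:
    # without it certbot renews only certificates that are near expiry.
    $CERTBOT renew --webroot --webroot-path "$webroot" --agree-tos --quiet || return 2
    after=$(cert_fingerprint)
    if [ "$before" != "$after" ]; then
        $RELOAD_CMD || return 3
        echo reloaded
    else
        echo unchanged
    fi
}

# Cron usage (constructed path): sh renew.sh /var/www/html
if [ "$#" -gt 0 ]; then
    renew_and_reload "$@"
fi
```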
