Line
IT Knowledgebase
< All Topics
Print

SSL certificate renewals issue for Cloudflare-enabled domains – Potential reduced AutoSSL coverage

When you try to renew an SSL certificate on a Cloudflare-enabled domain, the renewal fails. Specifically, when you go to the SSL/TLS page in the SECURITY section of the cPanel home screen, you see the following message:

DNS DCV: No local authority: “example.com”; HTTP DCV: “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.

Similarly, if you have a reseller hosting account, when you go to the Manage AutoSSL page of the SSL/TLS section of WebHost Manager (WHM), you see the following message:

WARN Local HTTP DCV error (example.com): “cPanel (powered by Sectigo)” forbids DCV HTTP redirections.
To resolve this problem, you must disable forced HTTPS connections in the Cloudflare settings for the domain. If SSL renewals still fail, there are a few other Cloudflare settings you can check.

You do not need to disable Cloudflare entirely for SSL certificate renewals. Cloudflare only needs to be temporarily disabled when an SSL certificate is installed for the first time.

To fix SSL certificate renewals for a Cloudflare-enabled domain, follow these steps:

Log in to the Cloudflare account associated with the domain

  1. Log in to the Cloudflare account associated with the domain
  2. On the Home tab, click the domain:
  3. Click the SSL/TLS icon, and then click the Edge Certificates tab:
  4. Click the slider to disable the Always Use HTTPS option:
  5. SSL certificate renewals should now complete successfully. However, if they still fail, check the following settings in Cloudflare:
    • Automatic HTTPS Rewrites: This option is located on the Edge Certificates tab of the SSL/TLS section in Cloudflare. If it is enabled, disable it temporarily for SSL renewals.
    • SSL/TLS encryption mode: This option is located on the Overview tab of the SSL/TLS section in Cloudflare. If Full (strict) mode is enabled, set it instead to Full mode temporarily for SSL renewals.


Messenger