16 replies

Cloudflare CA deprecated?

We've got multiple domains under different plans (one partial enterprise, most business, the rest free) that are proxied.

Many/most of our domains were looking like

CN=sni.cloudflaressl.com, CA=Cloudflare Inc

CN=sni.cloudflaressl.com, CA=Cloudflare Inc

- but nowadays we're getting a lot of Google and Let's Encrypt issuances with hostnames as CN.

Are the:

Issuer: CN=Cloudflare Inc ECC CA-3,O=Cloudflare\, Inc.,C=US
Issuer: CN=Cloudflare Inc RSA CA-2,O=Cloudflare\, Inc.,C=US

Issuer: CN=Cloudflare Inc ECC CA-3,O=Cloudflare\, Inc.,C=US
Issuer: CN=Cloudflare Inc RSA CA-2,O=Cloudflare\, Inc.,C=US

CAs being deprecated? If they're sticking around, we're missing an injected CAA record for it, should we have something?

Cloudflare Developers•3y ago•

16 replies

lee

Cloudflare CA deprecated?

We've got multiple domains under different plans (one partial enterprise, most business, the rest free) that are proxied.

Many/most of our domains were looking like

CN=sni.cloudflaressl.com, CA=Cloudflare Inc

CN=sni.cloudflaressl.com, CA=Cloudflare Inc

- but nowadays we're getting a lot of Google and Let's Encrypt issuances with hostnames as CN.

Are the:

Issuer: CN=Cloudflare Inc ECC CA-3,O=Cloudflare\, Inc.,C=US
Issuer: CN=Cloudflare Inc RSA CA-2,O=Cloudflare\, Inc.,C=US

Issuer: CN=Cloudflare Inc ECC CA-3,O=Cloudflare\, Inc.,C=US
Issuer: CN=Cloudflare Inc RSA CA-2,O=Cloudflare\, Inc.,C=US

CAs being deprecated? If they're sticking around, we're missing an injected CAA record for it, should we have something?

Cloudflare CA deprecated?

Similar Threads

Cloudflare CA deprecated?

Similar Threads

Similar Threads

Similar Threads