My ssl-cert expire after a 7 days. I cant find in documentation information “When Lets Encrypt start a renewal process???”
Can you tell me about this process
It’s not mentioned in any documentation I’ve seen, and it’s an internal process that could change at any time. The renewal is automatic so you wont have any issues unless you’re interfering with the renewal.
The most common way that happens is when people use Cloudflare’s DNS, with proxying turned on.
It’s not mentioned in any documentation I’ve seen, and it’s an internal process that could change at any time. The renewal is automatic so you wont have any issues unless you’re interfering with the renewal.
The re-release process must be observable, controlled and understandable.You can fully control the date of renewal and reissue of the certificate. And I want to know how Webflow is configured so I can have an understanding and not “Be sure everything will be fine.”
The most common way that happens is when people use Cloudflare’s DNS, with proxying turned on.
What do you mean?
Could you be clearer?
The most common way that happens is when people use Cloudflare’s DNS, with proxying turned on.
I have no problems proxying DNS records through Cloudflare. On the contrary, if it were enabled, I would not worry, because I know that Cloudflare provides its own certificate for the domain in this case.
But I have absolutely no knowledge about Webflow certificate management
Webflow does not give you any options in the way of cert management. If you’re on an Enterprise plan, you can supply your own cert which would give you the control you’re requesting.
If you’re wanting to request a feature change from Webflow, search through the Webflow wishlist, I’m sure you’ll find this one.
If you were using Cloudflare’s DNS and had proxying enabled, Webflow’s certificate renewal would fail.
If you disable SSL on your Webflow site, that’s irrelevant- however SSL is required for several services such as Webflow ECom and User Accounts, and it cannot be disabled when a site has those services.
So many words, but no answer - “What is Webflow’s certificate renewal policy? HTTP or DNS challenges, where i can see __acme.challenge request order?”
No need for the rudeness in the community. You can try asking Webflow via support.
Just to chime in here, we noticed that the certificates for our website were close to expiry too.
What we’ve noticed from historical renewals (See crt.sh) is that WebFlow tends to renews certificates around 12 days before expiry.
We asked WebFlow for some clarification and this is what they told us:
SSL certificates for Webflow sites renew automatically, and do not require any manual effort from your team. The SSL renewal process is automated and Let’s Encrypt will attempt to renew and validate your new certificate 4-10 days before it is due to expire.
And one more response after a second follow up:
Thanks for getting back to me. Here are some additional details regarding SSL certificate renewal on Webflow:
Webflow uses Let’s Encrypt for SSL certificates, which are automatically renewed 4-10 days before expiration. As long as your DNS records point to Webflow and your site is published, the renewal process is automatic. If automatic renewal fails, Let’s Encrypt will retry the renewal process. Ensure your DNS settings are correct to avoid issues.
We hope this helps you configure your monitoring systems appropriately. If you have any further questions or experiencing issues with their SSL certificate renewal, please let us know.
We asked them to publish this information publicly in the documentation so that others can also see it. From our prospective we don’t feel confident if a certificate is renewed so close to the expiration date. We will configure our monitors for an expiration window of 7 days (So it matches our historical records and close to their provided renewal period), if that fails we would consider the certificate renewal process to have potential issues and will start actively reaching out to support for a second opinion to avoid downtimes.