| 29 | |
| 30 | == Using https with CloudFlare == |
| 31 | |
| 32 | Some members have elected to use CloudFlare - a content distribution network/caching system - with their web sites, and have shared their experience using it here. Current CloudFlare documentation should always be referenced before making changes you do not understand. We can not directly support CloudFlare, but you may find these instructions to be helpful when using it in combination with the automatic https offered by the control panel. This is due to how these services may conflict with each other: LetsEncrypt attempts to issue updated certificates using a method called the "webroot" authentication method. This method places a specially named file in the `.well-known` folder in the root of your web site. Then the LetsEncrypt service looks for this file on your server (to validate the certificate request is legitimate), however CloudFlare may respond to request inaccurately, preventing certificate renewal from occurring. Adjusting configuration on CloudFlare to specifically prevent the service from interfering with or modifying these verification responses can corrrect this situation: |
| 33 | |
| 34 | * Log into your CloudFlare account and go to the Page Rules settings for your domain. |
| 35 | * Add a page rule, ahead of any possible redirects (i.e. potentially just make this the very first rule). |
| 36 | * Configure the rule as necessary. The important part, is that it ignores any requests for the `.well-known/` folder. For example: `*.workingdirectory.net/.well-known/*` for the URL, and the settings set the "Cache level" set to "Bypass". |