Search the Community
Showing results for tags 'lets encrypt'.
Hello, Is it possible to disable the browser check mechanism for /.well-known/acme-challenge/* URLs? These addresses are used by the Let's Encrypt domain verification bot, which obviously would not solve the js/cookie challenge. To prevent potential abuse, the exemption could only be granted for static plaintext files under 200 bytes and/or rate-limited.
Currently all pages are self-signed by default, and useless to say that Cloudflare doesn't quite works well with reseller hosting accounts. So, if each account is by default made secure through Let's Encrypt free SSL then it would really help the reseller admins. Best Regards, Shouvik Mitra.