Fix SiteGround SSL Expired Issue with Cloudflare

SiteGround earlier offered Cloudflare CDN which you can setup from their hosting account or by setting up on Cloudflare site. Recent days, SiteGround guys ramped up their internal setup by introducing their own CDN. Due to this, they discontinued Cloudflare support in favor of their own CDN. If you are using Cloudflare for your SiteGround site, it will create a problem in renewing wildcard SSL. Here is how you can change the setup and fix the problem.

Using Wildcard SSL in SiteGround

First thing, the problem comes only when you are using wildcard SSL. This is normally the case when you have lot of subdomains or using Cloud account. For using wildcard SSL, SiteGround needs the domain to be pointed to their nameservers. Unfortunately, this is not the case with Cloudflare as you need to change the namerservers for using their WAF and CDN.

On the side note, SiteGround CDN is not up to the mark both from performance as well as from support perspectives. So, be aware the wildcard SSL will not work if you plan to change the nameservers of your SiteGround hosted domain. The problem is that you will not get any notification email even after the SSL is expired. That’s absurd, and your site will go down with SSL mismatch error till the time you notice and manually fix the problem.

Checking SSL Status in SiteGround

• Login to your SiteGround hosting account and go to “Websites” menu.
• Under “Websites” tab, click the “Site Tools” button for the site you want to check the SSL status.

• When you are in the Site Tools section, go to “Security > SSL Manager” section.
• Under “Manage SSL” heading, you will find all your Let’s Encrypt and other existing SSL certificates with the subdomain details.
• As you can see in the below screenshot, the status of one of the subdomains is in expired status.

As explained, the reason was that the site was using Cloudflare in the meantime and hence SiteGround guys did not renew the SSL. The solution is to delete your wildcard SSL certificates and add individual SSL for domain and subdomains separately.

Deleting Expired and Other Wildcard SSL

• Click the three vertical showing on each item and select “Delete” option.

• Confirm the prompt that appears to permanently delete the SSL certificate.

• You will see a success message “Let’s Encrypt Wildcard Deleted”.

Remember, you should delete the wildcard for all subdomains (if you have added) and the primary domain which you have selected. The list should become empty in that case.

Adding New Let’s Encrypt SSL

• After deleting all the items, scroll up and select your domain or subdomain under “Install New SSL” section. Make sure to select “Let’s Encrypt” option (not the wildcard) and click “Get” button.

• It will take few seconds to process your request and you will see success message that the SSL is installed on the selected domain/subdomain.

Make sure to add Let’s Encrypt SSL for all your subdomains separately in the same manner.

Testing SSL Certificate in Browser

Wait for a while and open your site in your favorite browser. Click on the padlock icon in the address bar and select “Connection is secure” option (this is Chrome).

You should see the certificate is valid and click on that link.

It will show a pop-up and go to “General” tan and check under “Validity Period” section. This should show the valid dates for your SSL and your site may use the certificate from Cloudflare or Google (this one from SiteGround) depending upon your setup.

It will take some time for the new SSL certificates to work on your site. Good thing is that your site will be up and using the old certificates even you purge the cache in Cloudflare. If you are setting up WordPress on subdomain, make sure to force HTTPS by changing the site address settings in admin panel to avoid SSL or privacy error.