CloudFlare preventing Let's Encrypt subscription



Are all DreamHost customers who have a free CloudFlare subscription being blocked from adding free SSL signed certificates from Let’s Encrypt to their account?

I read the article in the January 2016 Newsletter from DreamHost that recommends we all sign up for the FREE signed SSL certificates from Let’s Encrypt. It sounded like a good idea so I signed in to the DreamHost control panel and immediately found a link that took me to right location. I had to choose my domain name from a drop down menu and clicked a little box to create a check mark to turn on the Let’s Encrypt service. Suddenly I was stuck! A CloudFlare Subscription paragraph popped up on my screen and would not let me proceed. Trying to click on the Add now! submit button did nothing. Here is what it said on the screen:

Add Secure Hosting
Domain: [drop down menu listing my two domains]

Signed Certificate:
DreamHost is proud to offer FREE signed SSL certificates from Let’s Encrypt. By checking this option you agree to the Let’s Encrypt Terms of Service. [check mark toggle on/off button]

CloudFlare Subscription:
You will need to subscribe to a paid CloudFlare plan before you can add secure hosting to a domain that has CloudFlare enabled. [drop down menu with two lines:
Pick a plan:
CloudFlare Plus ($9.95/month)]

Unique IP:
A unique IP is not required for secure hosting, but having one will improve your site’s compatibility with some older web browsers and devices. (More information…)

Add now! [a submit button]

Are all DreamHost customers who have a free CloudFlare subscription being blocked from adding free SSL signed certificates from Let’s Encrypt to their account?



Nope. As far as the DreamHost panel knows, I don’t have Cloudflare. None of my domains have the checkbox for “Enable Cloudflare.” I did the setup manually a year ago.

I mostly use a paid Cloudflare plan, but I have one domain that’s on the free plan and that has a Let’s Encrypt certificate. In fact, that was probably the first one I tested with Let’s Encrypt and it worked fine without a hitch.

Again, I don’t have Enable Cloudflare checked for any of my domains. I just switched my WHOIS info to use Cloudflare for my DNS servers after I added my domain(s) to my Cloudflare account.


Thank you sdayman (Scott) for your reply.

I have submitted a ticket to DreamHost support and received a reply asking me to please be patient. Apparently they are forwarding my request for assistance to their best qualified staff member for this type of issue.

I only have two hobby websites. I do not see this issue as being a life versus death or riches versus poverty situation so I will have plenty of patience. I am already in poverty and sometimes feel more dead than alive anyways. Growing old is not fun!

In the meantime I was searching around and found the following statement in CloudFlare’s support section of their website.

Title: Can I use the free Universal SSL option if I signed up through a CloudFlare hosting partner?

By: Damon

June 29, 2015 18:16

At this time the Universal SSL option is not available to CloudFlare customers that signed up through a hosting partner. We are, however, trying to work on the technical limitations to open up the offering to domains that have been signed up through a hosting partner.

If you signed up through a hosting partner and still need SSL, then please look at adding SSL support through one of our paid plans.

I think I recognize Damon’s name as being very active on this forum when CloudFlare was first offered to DreamHost customers and I signed up.

My guess is that there may have been lots of DreamHost customers who signed up through DreamHost for CloudFlare’s free security plan. Therefore my recent experience of being blocked when trying to sign up for Let’s Encrypt free certificates may be quite common. I hope someone is finding a solution.




I started this thread by asking the question:

Are all DreamHost customers who have a free CloudFlare subscription being blocked from adding free SSL signed certificates from Let’s Encrypt to their account?

After much research on DreamHost’s and CloudFlares’s websites I have come to the conclusion that the answer to my questions is:

YES if they signed up for CloudFlare’s services through the DreamHost control panel.

CloudFlare claims they put a lot of effort into working individually with many web hosting companies to add the option of signing up for CloudFlare services through the web hosting company’s customer control panel. For many but not all of those web hosting companies there is now some sort of technical glitch or conflict that prevents customers from having both a free CloudFlare account and a signed SSL certificate. DreamHost is one of the web hosting companies affected by the problem.

Advice on the CloudFlare website support pages seems to range from “be patient, we are trying to fix the problem” to “it is impossible, this problem will never be fixed”.

The solution for DreamHost customers is to cancel your free CloudFlare service in the DreamHost control panel (remove the checkmark from the little box). Then sign up for the free CloudFlare service directly on the CloudFlare website.

You will need to use a different email account on the CloudFlare website to create your new login and password. The whole process of signing up on the CloudFlare website and then changing your whois nameservers on the DreamHost website will be scary because of all of the warnings you will see.

Both DreamHost and CloudFlare offer free SSL certificates from other companies. From what I read on the CloudFlare website the best choice is to sign up for the free signed SSL certificates from Let’s Encrypt in the DreamHost control panel. Any certificate offered by DreamHost will encrypt the full communication path from DreamHost’s servers to CloudFlare’s servers to the computer of the visitor to your website. The Universal SSL certificates offered by CloudFlare do not encrypt the link between DreamHost and CloudFlare. They only encrypt the link from CloudFlare’s servers to the computer of the visitor to your website.

In post #3 of this thread I mentioned that I submitted a ticket to DreamHost support. I waited a full day after I started this forum thread before submitting the support ticket. I received an initial reply from DreamHost support saying that my request for assistance was being forwarded to the best qualified person for this issue. Well I guess the best qualified DreamHost staff member does not exist, is on vacation, or too busy. I never received any further communications from DreamHost support.

On the DreamHost control panel under the topic of support was my ticket with a digital clock and a little checkbox. I watched the digital clock count up to 5 days and at least 5 hours before I finally clicked the little checkbox to withdraw my request for assistance. I was expecting the digital clock would probably stop or disappear and the status of my support ticket request would change from waiting (or pending) to cancelled (or withdrawn). Instead I was caught totally by surprise when my support ticket was purged from the system. It completely disappeared! There was no evidence left anywhere that I had requested assistance from DreamHost support.

I am currently waiting out the 72 hours recommended by CloudFlare. I do not know if I did everything right but hopefully this thread might help other DreamHost customers.

Iceberg ~ My main website for which I have tried implementing the above changes. ~ A new website I just started applying the above suggestions.