SSL certificates are not renewing

Problem statement

The SSL certificates have a close date to expiry and are not renewing themselves.


Cloudflare has made a change to their allowed Certificate Authorities, and will no longer support DigiCert. Starting November 1, 2022, certificate renewals may occur with a different CA. As long as you are not pinning certificates, no action is required.

If you are currently using AWS Cognito, it requires updating the thumbprint information in Cognito identity provider configurations. This must be updated with all of the following thumbprints to ensure that the replacement certificate is accepted:


Regarding Cloudflare, our team is still working on this. Once we have more information, we will update and send notifications.