For some time, I’ve hidden my nextclould behind CF zero trust. When refreshing certificates via letsencrypt I would manually disable the tunnel, refresh and re-enable the tunnel. Now that letsencrypt will no longer notify me via email I need a more robust (read automated) way of refreshing certs. Do I have any options other than disabling zero trust? (the advantage would be I no longer need vpn to have the mobile app working).
Behind a cloudflare tunnel you can use a self signed or expired certificate, just check the “no TLS verify” checkbox
Edit: or use DNS based verification, nginx proxy manager can do it automatically using cloudflare api when behind cloudflare tunnels
Thanks for the reply, among all answers I chose this. Just because it works for me.
Are you a bot?