Changes to Universal certificates
Cloudflare will stop using DigiCert as an issuing certificate authority (CA) for new Universal certificates. This will not affect existing Universal certificates.
This process will begin for Enterprise zones on October 18, 2022.
The maximum validity period for Universal certificates will also be decreased from 1 year to 90 days.
You do not need to make any updates to the Domain Control Validation (DCV) for your zone.
If your domain is using a Full setup, Cloudflare will automatically complete TXT-based DCV on your behalf.
If your domain is on a Partial setup, Cloudflare will automatically complete HTTP-based DCV on your behalf.
If you are currently pinning your Universal certificate, stop pinning the certificate. This will ensure your certificates are not impacted during the Universal certificate renewal.
If you want to choose the issuing CA for your certificate, order an Advanced certificate. Once that certificate has deployed, disable Universal SSL to prevent Cloudflare from issuing the Universal certificate for you.