July 15, 2023
8:53 p.m.
We were notified that some validators were unable to pull our cert which is hosted behind Cloudflare. I believe the fix is to create a WAF rule to match when the User Agent contains "Java/1.8.0" and then choose the Skip action. Please share if anyone has any better tips for WAF rules for this scenario. I was seeing Bandwidth, TransUnion, and Level3 getting blocked. TransUnion gave me the heads up and mentioned they saw it with other carriers lately also.