Submissions are now open for the 2026 Adobe Experience Maker Awards.
SSL update in Cloud Manager
Hi @ManjulaKumar ,
Yes, you still need to update in Cloud Manager - Cloudflare only terminates traffic at the CDN edge, but Adobe’s Cloud Manager also needs the valid SSL cert for the domain mapping inside AEMaaCS. Both layers need the cert.
Why status stuck at “Deployed” - “Verified” only shows when the DNS CNAME/alias points correctly to Adobe’s edge and Cloud Manager can validate it. If you only replaced the cert but didn’t touch DNS, Cloud Manager won’t re-check until it can confirm ownership.
Re-upload the cert in Cloud Manager, click Go Live, and make sure the DNS record is still correctly pointing to Adobe’s edge hostname. Once Cloud Manager detects the DNS is good and the new cert is active, it will flip to Verified automatically.
- Cloudflare CDN cert ≠ AEMaaCS cert.
- You must also update in Cloud Manager.
- Status changes to “Verified” only after DNS validation passes with the new cert mapped.
Hrishikesh Kagane
You don’t need to manage the certificate in Cloud Manager since you’re using your own CDN (Cloudflare). This approach is commonly referred to as BYOCDN (Bring Your Own CDN). You just need to make sure the necessary headers described below are passed from Cloudflare to your origin (AEM Publish server: publish-xxx-xxx.adobecloudaem.com).
Please check this out: https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/con...
Hope this helps
Esteban Bustamante
Hi @ManjulaKumar
1. Since the cert is already updated in Cloudflare, is it not required to update the cert in Cloud Manager?
This is because Cloud Manager acts as the origin server and Cloudflare (when using Full or Full (Strict) SSL mode) still requires a valid SSL certificate at the origin for the connection to be trusted and secure.
So, to maintain a secure end-to-end connection, both Cloudflare (edge) and Cloud Manager (origin) must have valid SSL certificates
2. If it is required to also update the cert in cloud manager, how do I change the status from deployed to verified?
-
Verification may take some time (usually up to 30 minutes) as the platform runs background checks before updating the status.
-
Since this is a certificate renewal (not a new domain mapping) no DNS configuration should be needed.
-
If the status still doesn’t change after some time, it may be due to a backend issue. In that case, we recommend:
-
Double-checking the certificate's validity and domain match.
-
Re-uploading the certificate if needed.
-
https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/usi...
https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/usi...
