After configuring the panel, the domain does not work for me


Hello, I’m new to domains and their security. After configuring the domain in the cloudflare panel, it is unavailable. All who can know what the problem is, please answer. I can share screenshots of settings in the panel, as someone will ask to be sure about something.


It’s working for me. Sometimes DNS takes a day or two before it fully propagates.


Thanks for your help, I am reminded that the error occurred through my Firefox Focus mobile browser, because when I used Opera Touch, this error did not occur anymore.


I can load the site in a browser too, however I also do get TLS errors via other channels. I cant say yet whether that is TLS configuration issue or a potential (geo) problem with edge servers.

Plain OpenSSL connect

openssl s_client -connect
3073411392:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1399:SSL alert number 40
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 176 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
    Protocol  : TLSv1.2
    Cipher    : 0000
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1539385261
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no



Ok. I do not quite understand what you wrote, but how can I solve it so that everything works properly, as it should?


:wave: @akociszewski,

What is the minimum TLS version set to on the Crypto tab in Cloudflare?




Try lowering the minimum TLS version.

Though I wonder, that value should be zone specific and not server specific. Would that imply the IPs change depending on that value?!


That’s what you meant?


:wave: it works now, I suspect previously you had it set to TLS 1.3 as the minimum, which is only supported on a small(ish) number of browsers. If your site is ecommerce, you may want TLS 1.2 as the minimum, otherwise not sure TLS 1.0 is any real risk.



Okay, so to be all right, I have to stay with the minimum TLS 1.0, and optionally 1.2 agree?


This topic was automatically closed after 31 days. New replies are no longer allowed.