Anyone here got a Godaddy site using Joomla and Cloudflare SSL Certs to work, using nameservers and new domain in Cloudflare?

Subject explains my question.

That’s oddly specific. Is something not working?

I am a Godaddy website manager of the site called “thepassionofdesign.com” for my wife.

I saw a technote on the internet which stated that I could use your free Cloudflare SSL certificate generator and use it on the Godaddy site.

I have access to Cpanel on Godaddy and followed the instructions to remove the Godaddy nameservers and replace them with the Cloudflare nameserver names.

I created a Domain name on Cloudflare which is exactly the same name as before: thepassionofdesign.com

I’ve been trying all the Certificate options in Cloudflare to install any of them on my Godaddy website. I used one certificate option in Cloudflare which successfully installed in CPanel.

When I go to my Godaddy CPanel to review my SSL/TLS Status. it tells me that the Cloudflare SSL Cert is Unknown Certificate Type
Expires on October 2, 2036, with green pad lock in front.

The dns was updated after a day or two , and when I ping -a 107.180.2.120 I get the following:

pinging ip-107-180-2-120.ip.secureserver.net [107.180.2.120] with 32 bytes of data:
Reply from 107.180.2.120: bytes=32 time=17ms TTL=48
Reply from 107.180.2.120: bytes=32 time=18ms TTL=48
Reply from 107.180.2.120: bytes=32 time=18ms TTL=48
Reply from 107.180.2.120: bytes=32 time=17ms TTL=48

Ping statistics for 107.180.2.120:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms

I can not get to thepassionofdesign.com without getting a browser error, any browser

This page isn’t working
www.thepassionofdesign.com is currently unable to handle this request.
HTTP ERROR 500.

If I use the IP address, I get there, but up pops a default Storefront web page which is useless to me. Not my Jooma Content Web Page Storefront that has worked for many years…

https://dash.cloudflare.com/6b1d9fd37d7efdf7c5499d39423e6f26/thepassionofdesign.com/dns

Can you send me a ZIP file containing a text equivalent of the Private Key and Certificate Text for thepassionofdesign.com that I can copy and paste into CPanel menu of my site regarding CloudFlarre SSL?

Any help would be greatly appreciated.

Stephen

This is normal, as the cert is only valid when proxied by Cloudflare. You’re good here.

I get a 500 with and without ‘www’ for that domain name.

In this situation, I’d go with this (with a caveat below):

I suggest you use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com. The link is in the lower right corner of that page. Give it five minutes to take effect, then make sure site is working as expected with HTTPS. Only then should you un-pause Cloudflare and double-check your SSL/TLS setting to make sure it’s Full (Strict).

Caveat: We’ve already established that the Origin Cert isn’t publicly recognized, but if you tell your browser to ignore the warning (I know, normally a bad idea, but this is your website), you should make some headway in diagnosing the problem before you un-pause Cloudflare.

Thank you I will give it shot, and of course, let you know. Thanks.

1 Like

Well, technically ignoring a certificate warning on your own site is equally bad, but in this case the OP knows that he has a certificate which is not trusted by browsers, so in this particular case (as long as it is not proxied) it can be ignored.

Given, of course, that it is the actual certificate and not some other Origin certificate.

1 Like

I was trying to be brief and left out the “be sure to take a look at the presented certificate and make sure it matches the origin cert you just generated so that you know that nobody is trying to trick you with a MITM attack on your site using a fake cert.”

My my . . . the plot thickens. I will admit that I am not too savy to understand all this stuff/jargon. But I have tried to implement all the anti-hacking parameters on the site that have been recommended to me by a third party and Joomla help. https://sitecheck.sucuri.net/ Heck, what have I got to lose? Also, this site is based on a third party Joomla vendor template which, my wife, she really liked. For her small business, and yest for years she has has never provided me updates concerning here business model or practices for years. It’s eye candy for here ego. Marriage, you got to love it!

1 Like

Just a quick follow-up here:
Before I go to tinkering with the suggested settings . .
Can you tell which type of Free SSL Category should I be using from Cloudflare for Godaddy?

Is it Edge (probably not), Client CERT or Origin Server. How long can the certificate be selected for? 1 year - 2 years - 3 years etc…

And if provided a level of encryption as an option, which should I choose for example:

RSA (2014)
ECC

DER
PKS
PEM

I also tried to clean up prior created certs by revoking them, but one out 3 previous still says revocation pending after 24 hours.

Thanks again.

I’ve never done anything fancy with my origin certs for my servers. I use the default settings. As for revoking older certs, it’s a nice idea, but unless someone has manage to steal them from you, revoking is probably unnecessary (but still it’s better to revoke).