Hi,
I am a total noob and really don’t know what I am doing. I wanted to use cloudflares free SSL with my ionos hosting. I have set up the Cloudflare plugin on wordpress and connected the Cloudflare API key. Now I am trying add cloudflares nameserver on ionos, but I don’t know which entries I should replace.
This is what I see on ionos:
TYP HOSTNAME WERT
A @ 217.160.233.227
AAAA @ 2001:8d8:1000:30f5:27cf:b8f5:4a19:700b MX @ mx00.kundenserver.de MX @ mx01.kundenserver.de CNAME _domainconnect _domainconnect.1and1.com CNAME autodiscover adsredir.1and1.info
A ftp 217.160.233.227
AAAA ftp 2001:8d8:1000:30f5:27cf:b8f5:4a19:700b
A www 217.160.233.227
AAAA www 2001:8d8:1000:30f5:27cf:b8f5:4a19:700b
That is the usual misinformation I am afraid. Cloudflare does not offer certificates apart from Origin certificates, which are only valid in a proxied context however. You do need a proper certificate on your server to begin with.
That’s not how you put SSL on Ionos. It has to be done at Ionos, either with a certificate they provide, or an Origin CA certificate downloaded from Cloudlfare for proxy use.
As mentioned earlier, make sure your site works fine on HTTPS without Cloudflare. Only then start adding your domain to Cloudflare using the tutorial at support.cloudflare.com and you should also make sure your encryption mode is “Full strict”, as otherwise your site would be still on HTTP and insecure.
thank you for the information. it seems like I will have to buy an ssl certificate at ionos. they only offer one for free and I have used that one already.
Yep, currently not working on HTTPS, you’d need to fix that first. However take a look at the Origin certificate, if you can import that with your host, you won’t necessarily have to buy one. Alternatively you can also have a Lets Encrypt certificate issued, they are free as well and even work in any browser context and not just when proxied.
Origin certificates might be easier then, as they have a longer validitity and can be issued with a few clicks.The only disadvantage, they only work when you proxy through Cloudflare. Regular browsers will show a warning.
Have an Origin certificate issued, import that to your host, make sure your site is on “Full strict” and “Full strict” only, and you should be good to go and have a secure site, which is additionally proxied through Cloudflare and its cache.