In my principal domain, boleinf3a.com, the SSL works just fine thanks to Cloudflare but in the subdomain art.boleinf3a.com it says ERR_SSL_VERSION_OR_CIPHER_MISMATCH and I don’t know what to do. I’m writing https:// before the URL and as I say in the principal domain works just fine but I get the error in the subdomain.
What can I do for fixing this?
Our standard SSL does not support more than one subdomain. In your current setup you have www and art as subdomains. If you take the WWW out it should work fine.
I don’t understand what you mean, I only have one subdomain: one is for the site and the other is for WordPress. Can you explain me please?
The page you are referring to is loading via www.art.boleinf3a.com. In that example both “www” and “art” are subdomains for bolenf3a.com. You need to check the A records in your account and make sure that the “art” record is just “art” and not a combination of “www” and “art”. That will result in your page loading instead at art.bolenf3a.com and the SSL should work (now that the 2nd subdomain is gone).
I have tried what you suggested and I lost the access to my subdomain: DNS_PROBE_FINISHED_NXDOMAIN
What can I do? Can you guide me please?
Looks like you set your settings back and the page is loading again from the “www.art” subdomains again. After some further checking there appears to be a redirect happening at your origin that is adding the WWW back even after you changed your A record. Which is causing the problem. Since you are using WordPress that could be a settings change in the ADMIN area. Otherwise, there is a redirect occurring at the server (before we are involved).
Long story short, if you want your site accessible via SSL at art. you will need to disable the redirect at your origin adding www. Once that is disabled you would want to have the A record of art. without www included.
Or
If you want to have the two level subdomain with www and art you would need to add-on the Dedicated SSL with Custom Hostnames feature ($10/month) to get the SSL working with the two level subdomain.
If this still isn’t making sense, please submit a support ticket and share the ticket number with me. We might need to get into more detail than is ok in a public forum.
Sorry for any confusion. Even if you remove Cloudflare from everything and go straight to the server where your site is hosted, there is a redirect setup that is adding WWW. You will probably want to get that turned off (could be a WordPress setting).
That is why even when you fixed your DNS with us, the page wasn’t working properly.
Please let me know the ticket number you get back from emailing support so I can put this in front of the right people.
supportATcloudflareDOTcom from your account email address.
hi ryan need some help… we are also using subdomain and SSL not working… we redirect http to https then www to non www… is that the issue? can i just use http to https and only non www, so that cloud be fixed?
What is the domain and subdomain? Typically, the Cloudflare certificate is valid for example.com and *.example.com
That will handle www.example.com as well as sub1.example.com, sub2.example.com, etc.
If you’re using HTTPS, then you don’t need to set specific redirects. The “Always Use HTTPS” option on the Crypto page will do this for you. Though if your subdomain’s SSL is broken, that will probably cause a problem.
No need to be rude.
Here’s an example as to how Cloudflare SSL works:
I have a domain, example.com. Cloudflare issues an SSL certificate for example.com. They add *.example.com to that certificate.
Now I have SSL for example.com and www.example.com.
I also have a mobile redirect to m.example.com. It’s covered by the same certificate (I just checked).
What Ryan means is it doesn’t support a sub-subdomain, as mentioned by Ryan two posts below the one you quoted. In my example, if I tried www.m.example.com, it isn’t covered by the *.example.com wildcard. It would need *.*.example.com, which is why he recommended a Dedicated SSL certificate with custom hostnames later in the discussion.
My reply is a request that you show more respect to the other members of this community. Even if you think his answer was wrong or off topic (not true in either case), there’s no need to be rude to those who are trying to help.
If you can respond with some of the clarification @sdayman requested we should be able to help more.