Clouflare serves the incorrect certificate

I just set up free CloudFlare plan along with 000WebHost on the Flexible setting.

On my CF dashboard I see the existing certificate for, however the connection is not secure because a certificate for * is served instead. How can I fix this?

You are not using Cloudflare at all.

Change this nameservers


to those assigned to you by Cloudflare.

My nameserver is definitely Cloudflare, see screenshot.


You have correctly added your NS
I can see that from WhatsMyDNS

However, your website still points at your origin server’s IP.
Did you follow all the process to add your domain’s IPs to CloudFlare?
Did you check the little orange Cloud to activate CloudFlare service?

This tutorial covers what records can be set to :orange: and what should be left at :grey:

You’re right. My bad, i missed the ‘in’ in my whois :sweat_smile: follow @StefanoWP advice and you should be fine.

@StefanoWP please don’t post IP addresses without the users consent. This one is most likely a shared one, nevertheless…

1 Like

With Flexible? I doubt it :wink:

1 Like

Pure resignation :sweat_smile:

1 Like

I know, I know, I understand :+1:t2: :smile:

Usually I hit “skip” when the Fl word is mentioned :man_shrugging:t2:

@markettrading2017, I am just leaving this here -> Why flexible SSL mode is not the best choice

1 Like

I am really sorry @MarkMeyer , I edited the answer, hopefully this will disappear. If not I can delete my answer and reply back with the correct one!

1 Like

No worries, it’s gone. Only you and mods can still see it in the edit history.

Thanks! :slight_smile:

@markettrading2017, not sure if there is much point, but lets address it anyhow as you seem to be switching back and forth without responding here any longer.

Your “host” is famous for not providing proper SSL setups. Apparently they have “improved” their offer from no-certificate-at-all to common-certificate-for-all, which is slightly better than what they offered before but still wont make your site properly secure.

As mentioned earlier you seem to be switching back and forth between proxying and direct and consequently between a redirection loop and an invalid certificate. None of that will make your site actually secure.
My advice would be to switch to a proper host where you get a proper certificate for your domain and then switch to “Full strict” on Cloudflare and enjoy a properly secure site.

Should you refuse to do so, then you should at least switch to “Full”. That will still leave your site vulnerable to certain attacks but will be more secure than your original choice of Flexible, which should never be chosen in the first place and only provides the appearance of security.

This topic was automatically closed after 31 days. New replies are no longer allowed.