Configuring Cloudflare HTTPS with Auto-SSL issued to domain by cPanel

Hi,

Earlier, we used Cloudflare with our domain name over HTTP protocol. It worked correctly. Our site is based on WordPress.

Recently, we installed Auto-SSL on our domain name (provided by host on cPanel). We installed the Really Simple SSL plugin in our WordPress for HTTPS and everything worked correctly.

We had paused Cloudflare on our domain while we were setting up Auto-SSL and after we confirmed https:// was working correctly we tried enabling Cloudflare again but after we enabled Cloudflare our site started showing 502 error. Our site now works only when Cloudflare is paused. We tried everything with the Flexible SSL option in Cloudflare by looking at different support topics in this forum but nothing seems to work.

We read in some topics that Cloudflare free edition doesn’t support Auto-SSL and that it needs to be uninstalled for Flexible SSL to work in Cloudflare. We also tried uninstalling the Auto-SSL in cPanel and then configuring Flexible SSL in Cloudflare but still the issue exists.

Kindly guide us in a detailed way as to how we can correctly configure Cloudflare to work with the https:// on our domain.

1 Like

If you were able to get Auto-SSL to create a certificate for your site, you should use SSL in Full (Strict) mode here. And you’re better off not using Really Simple SSL now that you have a proper SSL setup.

If you’re using cPanel that may have problems with AutoSSL running while using Cloudflare, you would be better off using cPanel to install one of Cloudflare’s Origin CA certificates:

Hi,

Thanks for your reply.

Can you please guide me further with specific step-by-step instructions as to how I can get Cloudflare to work with my domain with SSL?

My domain is https://www.saamana.com

That article has step-by-step directions, with a link to cPanel instructions that also have step-by-step instructions.

Hi,

Thank you for providing the guidelines.

First, I tried the following;

  1. Enabled AutoSSL certificate on cPanel.
  2. Configured SSL in Cloudflare to Full (Strict) mode
  3. Enabled Cloudflare

I got the same issue (502 bad gateway) as before.

Second, I tried the following;

  1. Generated Cloudflare origin CA certificate
  2. Installed the same certificate on cPanel server (followed instructions mentioned here: https://www.digitalcandy.agency/website-tips/Cloudflare-origin-ca-free-ssl-installation-on-godaddy/)
  3. Configured SSL in Cloudflare to Full (Strict) mode
  4. Enabled Cloudlfare

When I did the above initially I got the following error screen on the site (check certificate details)

After sometime I started getting the following error screen on the site (check the certificate is different this time despite doing nothing)

I tried all settings in Cloudflare SSL but I could not get the site to work properly. It continuously showed the 502 error.

Finally I had to pause Cloudflare again to get the site to work normally.

What should I do next?

You have certainly been thorough. And all the certificates look correct.

Is your Really Simple SSL plugin enabled? It should be turned off.

In your WordPress Settings->General, does it show site URLs with HTTPS?

Do you still have SSL here set to Full (Strict)?

p.s. The reason the 502 error screen changed is that it was first coming from your Host before DNS updated to route you through Cloudflare. The second screen is Cloudflare’s reporting of the 502 error from your host.

As a last resort, I suggest that you Pause Cloudflare and turn on AutoSSL again.

Once that’s working, unPause Cloudflare and confirm you’re still getting the 502. Then you can Pause Cloudflare again and open a Support Ticket. They can simulate running your site on Cloudflare and can hopefully figure out why there’s a 502 error.

Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button.

I’m seeing some weird information, it’s almost like the site isn’t quite going through Cloudflare.
It’s showing a Cloudflare Origin Certificate, and the one and only IP address doesn’t start with 104.

I also think the settings are changing as we investigate, so it’s difficult to figure out what’s going on.

Yes I have completely disabled the Really Simple SSL plugin from WordPress now.

In WordPress Settings --> General,

  1. Default (after removing Really Simple SSL) is set to http:// (domain shows as below)

  1. If I change it to https:// then the 502 from Cloudflare continues.

No matter what settings I try, once I enable Cloudflare I start getting the 502 error from Cloudflare

Yes you are correct. The IP does end with 45.

Currently the status is as below;

  1. Installed Cloudflare origin CA certificate in cPanel
  2. WordPress settings > http:// (Removed Really Simple SSL plugin)
  3. Cloudflare SSL set to Full (strict) mode

Now if I enable Cloudflare, I get 502 error.

If I disable Cloudflare, site works but with https:// showing as below

Yes, the IP is 103.xx.xxx.45

Current status is as below mentioned in my last reply. I am not changing the settings any further now without your instructions.

Open a Support Ticket and have them test it out the way it is right now. They can manually put Cloudflare in front of your site for internal testing. Provide them a link to this thread for more information.

Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button.

1 Like

Hi,

I have raised a ticket now. But in the meanwhile, can you suggest me how can I best configure the site now so that I won’t have any issues tomorrow? Its a high traffic (100K+ daily visitors) news site and we cannot afford to have the https:// issue ongoing.

Thanks.

Go back to using AutoSSL. That should allow direct HTTPS access to your server while you’re not using Cloudflare.

If we restore AutoSSL certificate, should we again install the Really Simple SSL plugin? Without that plugin the WordPress setting is http://

What do we do about that?

Go ahead and do that. It’s easy enough to deactivate the plugin if it’s not working well.

This is what I have done now;

  1. Enabled AutoSSL certificate in cPanel
  2. Really Simple SSL plugin is not installed
  3. WordPress general setting is set to http://
  4. Cloudflare SSL set to Full (Strict) mode

Now, if I enable Cloudflare it shows the 502 error page (Cloudflare’s)

If I disable Cloudflare the site works fine but shows the URL bar as below;

What should I do next to get the URL bar to restore to a normal padlock icon and secure https:// connection?

That’s probably a Mixed Content error. Really Simple SSL is supposed to fix that.

Hi,

I am able to get the secure padlock icon with https:// if I install the Really Simple SSL plugin with the AutoSSL certification generated in cPanel.

Somehow, I am just not able to get Cloudflare to work with this. I’ve tried all sorts of combinations with the Cloudflare SSL settings and also in WordPress settings but nothing seems to work. Every single time I enable Cloudflare, I get the 502 error.

I’ve referred the following resources and tried every step but nothing seems to work correctly.

https://really-simple-ssl.com/knowledge-base/ssl-Cloudflare-really-simple-ssl/

I am now fedup and not sure what to do. I’ve already raised a support ticket but just got an automated response to it.

Why on earth is this SSL so hard to configure? I never imagined it would be so difficult.

Any further suggestions?

What’s the Ticket #? Maybe @cloonan can see what’s going on.

1 Like