DNS Checker - shows error

I have set up my A record and CNAME and site is working fine, however on checking with
https://dnschecker.org/ > it appears that the IP is totally different for the A-record and CNAME showing error in every geolocation.

I’ve gone around in circles with this and read all the various community support, but still can’t figure out how to change to show correct info.

What error is it showing? Can you post the domain name and a screenshot?

ok, thank you for your reply.
The A-record IP address that I have entered into cloudflare is;

Here is just one of the domains for you to look at in https://dnschecker.org/
and you’ll see that when checking CNAME, all locations are showing an error, and all A-records have the wrong IP address…

This same error appears with every cloudflare domain in my dashboard that I’ve tested.

Ehm, yes, that is exactly what the linked article refers to. :confused:

The actual issue here is that your server only has a self-signed certificate, hence your site cannot be secure.

You should install a proper certificate on your server.

As soon as I try to disable the proxy on either A-record or CNAME, the site no longer loads!

cloudflare wafflemania.app settings|690x305

Because you don’t have a valid certificate. You don’t need to disable anything, just make sure your certificate is valid.

ok that kinda makes sense - i uploaded the certificates from cloudflare, but i guess you’re telling me that’s not good enough & i need to pay for ‘proper certificate’ - where would I get that?

You uploaded them where? You can only be talking about an Origin certificate here, however there is nowhere such configured.

All you need to do is install a valid certificate on your server, that can be a paid one, a Lets Encrypt one, or a Cloudflare Origin certificate. Once you have a valid certificate the connection should be secure.

Only thing to keep in mind, should you not want the connection to be proxied you cannot use an Origin certificate but only one of the others.

brilliant thank you.
so i uploaded them to where the sites are being hosted.
They are supposed to allow converting to PWAs once they accept the certs, but they are getting upset with me as the https://dnschecker.org/ results are showing an error and they want me to fix this before they accept the certs.
But I guess from what you’re saying here, is that they need to actually accept and install the certs first and then it will show no errors in dnschecker.org ?
So do i diable the clouadflare proxy at any time? (before they accept & upload the certs will disable my site meanwhile)

You might have uploaded them, but your host did not place them in production. You only have a self-signed certificate.

But the first question here is, do you want to proxy through Cloudflare or not?

well it seems that if i disable the cloudflare proxy, the site no longer shows…

That is a different issue.

I repeat the question, do you want to proxy or only use DNS?

i don’t know is the easy answer - i simply want the site to work, and the hosting are supposed to be converting to PWA in addition - so i guess that question should be for them to confirm.

Alright, let’s try a different angle. Why did you sign up for Cloudflare?

i purchased domains thru namecheap, and was simply using cloudflare to convert to https

Cloudflare does not convert anything to HTTPS. You still need a certificate on your server.

If it was only for HTTPS, you could simply remove the domain from Cloudflare and install a Lets Encrypt certificate. Done :slight_smile:

ok i’ll try that today - and then revert to namecheap default nameservers i guess
thank you again

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.