I have a letsencrypt cert at dreamhost; is this because it’s not propagated to Cloudflare yet? Seems that the CF universal certificate should be showing up here.
I’m a little over my head here, but willing to try anything.
The domain was removed from Cloudflare. I guess the op used cached DNS entries when he saw the SSL error, while Cloudflare had already deleted the certificate.
spencerridleyvoiceover.com. 172800 IN NS ns1.dreamhost.com.
spencerridleyvoiceover.com. 172800 IN NS ns2.dreamhost.com.
spencerridleyvoiceover.com. 172800 IN NS ns3.dreamhost.com.
;; Received 167 bytes from 2001:501:b1f9::30#53(m.gtld-servers.net) in 28 ms
spencerridleyvoiceover.com. 300 IN A 66.33.205.13
;; Received 71 bytes from 162.159.27.84#53(ns3.dreamhost.com) in 120 ms
@ridley.eric , if you did not remove the site from Cloudflare yourself, you should probably find out who did.
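The check made from the lookup output above, as an added example that is not part of any post in this thread: it parses the quoted resolver lines and decides from the answer address whether visitors reach the Cloudflare edge or the origin directly. The function names are hypothetical, the range list is an assumed copy of Cloudflare's published IPv4 ranges that should be refreshed before use, and the sample input is the thread's own output embedded inline.

```python
import ipaddress
import re

# Assumption: Cloudflare's published IPv4 ranges (cloudflare.com/ips) at the
# time of writing; refresh this list before relying on the result.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

# Sample input: the lookup lines quoted in the thread, embedded for offline use.
TRACE = """\
spencerridleyvoiceover.com. 172800 IN NS ns1.dreamhost.com.
spencerridleyvoiceover.com. 172800 IN NS ns2.dreamhost.com.
spencerridleyvoiceover.com. 172800 IN NS ns3.dreamhost.com.
;; Received 167 bytes from 2001:501:b1f9::30#53(m.gtld-servers.net) in 28 ms
spencerridleyvoiceover.com. 300 IN A 66.33.205.13
;; Received 71 bytes from 162.159.27.84#53(ns3.dreamhost.com) in 120 ms
"""

RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(NS|A)\s+(\S+)$")


def on_cloudflare(ip):
    """True if an IPv4 address falls inside one of the listed edge ranges."""
    addr = ipaddress.ip_address(ip)
    return addr.version == 4 and any(addr in net for net in CLOUDFLARE_V4)


def summarize(trace):
    """Collect NS and A records and report where visitor traffic lands."""
    nameservers, addresses = [], []
    for line in trace.splitlines():
        match = RECORD.match(line.strip())
        if not match:
            continue  # skip ";; Received ..." and any other non-record line
        target = match.group(4).rstrip(".")
        (nameservers if match.group(3) == "NS" else addresses).append(target)
    return {
        "nameservers": nameservers,
        "cloudflare_nameservers": any(
            n.endswith(".ns.cloudflare.com") for n in nameservers),
        "a_records": addresses,
        # Proxied means every answer is an edge address; this also holds in a
        # partial setup, where the nameservers stay with the host.
        "proxied": bool(addresses) and all(on_cloudflare(a) for a in addresses),
    }


if __name__ == "__main__":
    print(summarize(TRACE))
```

When `proxied` is false, browsers are shown the certificate installed on the origin server, so an edge certificate problem cannot be observed from that lookup.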
It’s loading because I’m bypassing Cloudflare until I solve this problem. If I turn CF back on, the site immediately fails to resolve again.
What’s odd is that I had no trouble at all with this site until yesterday. Then without making any changes at all, this happened. It’s not occurring to any of my other sites which are loading through Cloudflare.
Thanks, that’s a really good look at it. It was me who removed it from Cloudflare to try to diagnose the problem. If I put it back in, the problem immediately reappears. The only thing I can come up with is that I can’t get a universal certificate to show up, the button to accept Cloudflare’s universal cert is grayed out, and DreamHost’s Let’s Encrypt cert is not propagating out to Cloudflare.
The certificate on your origin server never will “propagate out” to the Cloudflare edge. That’s not how it works. Your origin certificates are used to encrypt communication between your origin server and Cloudflare when proxied, or your origin server and your visitors when they are directly accessing your origin server.
As long as your nameservers are with another provider, there isn’t anything to be done. If you move your domain back to Cloudflare and encounter issues, you don’t need to change your nameservers to bypass the Cloudflare proxy. You can set the relevant records to DNS Only or pause Cloudflare.
Thanks, that helps me understand a bit, but I’m still confused.
So Cloudflare is paused because I haven’t been able to diagnose the SSL issue which popped up. The universal cert is not displaying on my Cloudflare control panel, and the option to add it is greyed out.
Not exactly; paused is a setting on the overview page of the Cloudflare dashboard. Your site is no longer using Cloudflare. Oh, and I just checked, it looks like you also did pause Cloudflare prior to changing the nameservers away.
Thank you, that helps. You’re on a partial partner setup. In that type of setup, nameservers are not changed to cloudflare. If you unpause the site from your cloudflare dashboard, is that when the cypher overlap error happens?