Wow, it’s being very stubborn! Everything looks good to me, so I don’t know why my browser doesn’t like the certificate presented by Cloudflare. You should contact support: Login & go to https://dash.cloudflare.com/?account=support
in any case I thank you all for trying to help me thank you I hope the staff can solve my problem
If you opened a Support Ticket, please post the ticket number here.
My request ticket is(#1551105)
Well to be honest. It’s like fishing in the dark.
I am following this thread and it drives me nuts
requests via http://ftp.everymusic.net are not redirected. I can acces the page via HTTP even though “Alway redirect to HTTPs” is active. Or isn’t it? IDK. There are two screenshots showing different settings.
> [email protected]:~$ curl -I http://ftp.everymusic.net > HTTP/1.1 200 OK
Then… wrong version number?
> [email protected]:~$ openssl s_client -servername www.everymusic.net -tlsextdebug -tls1_2 -connect www.everymusic.net:443 > CONNECTED(00000003) > 139736956769952:error:1408F10B:SSL routines:SSL3_GET_RECORD:**wrong version number**:s3_pkt.c:340: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 5 bytes and written 7 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > SSL-Session: > Protocol : TLSv1.2 > Cipher : 0000 > Session-ID: > Session-ID-ctx: > Master-Key: > Key-Arg : None > PSK identity: None > PSK identity hint: None > SRP username: None > Start Time: 1531776533 > Timeout : 7200 (sec) > Verify return code: 0 (ok) > ---
[email protected]:~$ openssl s_client -servername www.everymusic.net -tlsextdebug -tls1 -connect www.everymusic.net:443 CONNECTED(00000003) 140104846386848:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1278:SSL alert number 40 140104846386848:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1531777670 Timeout : 7200 (sec) Verify return code: 0 (ok)
From my point of view something is messed up here. I’d try the crowbar at this point:
Deactivate Universal SSL and re-enable it after 24 or 48 hours. To make the site accessible I’d set the records to until the cert has been re-issued.
They’ve done the off/on thing and it didn’t issue a valid certificate. I just don’t know why Cloudflare says there’s a certificate, but it’s messed up. I was hoping someone from Cloudflare would jump in. Maybe @Ryan is around today.
I checked and I can see that the certificate for your site has been deployed properly.
$ date; curl -vIs4 https://everymusic.net/ 2>&1 | egrep -i “(connected|* ssl|issuer|subject)”
Tue Jul 17 12:27:07 +08 2018
- Connected to everymusic.net (18.104.22.168) port 443 (#0)
- SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
- subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=sni246615.Cloudflaressl.com
- subjectAltName: host “everymusic.net” matched cert’s “everymusic.net”
- issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
- SSL certificate verify ok.
This should resolve issues with accessing your site on HTTPS.
If you still seeing issues, please clear your browser’s cache (or try Incognito/Private Browsing Mode).
Here’s what I see from my Chrome:
I will go ahead and mark this ticket as solved but please do let us know if there is anything else Cloudflare technical support can do to help.
good for the moment I do not settle, I’m waiting tomorrow to put it.
I did not really understand what happened, and how that can be solved. I would have liked to know and understand.
thank you in advance
the problem is still present, I had to disable the certificate this morning and it worked a few hours.
now I have the error again
thank you in advance
Did you try other settings like “Full” (not strict)?
Did I get that right: You disabled Universal SSL and re-enable it? Or did the error occur again while Universal SSL was disabled? (shouldn’t).
If you just disabled an re-enabled universal SSL, and the error occurred again after a few hours, open a support ticket. This is really weird.
yes I disabled the ssl Universal on Cloudflare and got the error again.
Can you both A records, for your root and www and let us know once you did?
This can never work (this cache Cloudflare) because it will never point to my domain server by what I could see is that it is the tsl version of the ssl which is in 1, 2
I testing version certificat
ERR_SSL_VERSION_OR_CIPHER_MISMATCH is not a Cloudflare problem. This is a FireFox problem. You will only see this error in FireFox while Chrome and Safari will show valid https.
There are ways to ‘fix’ it for yourself but visitors to your website who use FireFox will see the same error so the only real solution is for your web host to turn off stapling for your domain.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.