Full (strict) SSL

I am trying to install Full (strict) SSL on cloudflare.

For this I:

  1. created a certificate in cloudflare and connected it to nginx
  2. enabled Authenticated Origin Pulls in cloudflare
  3. enabled Full (strict) SSL

The nginx “Welcome to nginx” base page began to open on the site. As soon as I change ssl to flexible, everything immediately works correctly

nginx error logs are empty What could be the problem?

my default nginx conf:

server {
  listen 443 ssl;
  listen [::]:443 ssl http2;

  server_name site.com;

  ssl_certificate /etc/ssl/cert.pem;
  ssl_certificate_key /etc/ssl/privkey.pem;
  ssl_client_certificate /etc/ssl/cloudflare.crt;
  ssl_verify_client on;
}

Welcome to the Cloudflare Community. :logodrop:

I commend you making the effort to properly secure your site. I reccomend that you get the Full (Strict) portion working before you add Authenticated Origin Pull. Start by pausing Cloudflare and getting HTTPS working without Cloudflare. You will see an “Unknown Certificate Authority” warning when you connect directly to your origin when you use the Cloudflare Origin CA certificate.

There is an Nginx community forum that may be able to help if your origin server is not loading over HTTPS.

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.