Hello, I am using Plesk Obsidian 18.x for managing my websites, somewhy after adding new domain and a new SSL certificate (issued from SSL > Origin Server) and Cloudflare CA root certificate as .ca.crt field, after like 30 minutes I’m getting the same error.
Plesk panel identifies SSL as
I have HSTS enabled in both Cloudflare and Plesk panel, and SSL stapling in the panel.
DNS in Cloudflare:
DNS in panel (It keeps saying that domain is not resolvable but it works):
Thanks in advance.
I guess this is the main problem?
As said there, but I don’t know how that’s possible when I’ve specified Origin CA certificate and added Cloudflare root CA
Do you have
flexible set in the overview tab of the SSL/TLS settings?
then the certificate will show as untrusted!
The connection between your visitor and Cloudflare is secured, but the connection between Cloudflare and your server is not. You will not need a certificate on your server for this mode. This option is NOT RECOMMENDED.
Flexible makes your site only partially secure - it encrypts the connection between the visitor and Cloudflare - this means they see the
in their browser and the site leaves the impression to be secure! However the connection between Cloudflare and your origin se…
SSL/TLS Configuration Video:
This tutorial covers basic settings in the SSL/TLS app of the Cloudflare Dashboard, including SSL Mode [Off/Flexible/Full/Full (Strict)], Cloudflare Origin Certificates, ‘Always Use HTTPS’ and ‘Automatic HTTPS Rewrites’.
The settings covered here can all be found by visiting
Cloudflare.com, logging in, selecting the domain and choosing the SSL/TLS app.
The connection between your visitor and Cloudflare and Clou…
Full (strict) currently set.
So is the cert expired?
What Who is the issuer?
No its not expired, I’ve re-issued it today, in the Origin Server section
Then the changes
may take up to 24 hours to fully take effect!
I think that problem is in the certificate file itself, i’ve checked it and it consists of 3 parts
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
First one is key, second is the certificate itself and third is Cloudflare’s root CA i’ve specified
Okay, for first i’ll try waiting without root CA and then with.
It’s working now after I’ve removed Cloudflare’s root CA from the certificate file! Thank you anyways very much!!!
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.