Http / https not reachable!?

https

#1

Hey,

I switched to cloudflare, everything looks right, the domain “fiduciashop.de” points to right nameservers of cloudflare, in cloudflare I have also correct “A” entry for the server where is it hosted, but everywhere its writing no connection to http/https.

If I modify my hosts file local and point the domain above to the same IP, it is working without problems…

I have no idea what to do? Somebody have an idea for me?

best wishes


#2

https://www actually works, only your naked domain does not work as your certificate is explicitly for www and HTTP does not work at all as you only have HTTPS enabled.

The other question is if you want to tunnel requests through Cloudflare or not. Right now you dont, as your DNS records are set to :grey: instead of :orange:. Thats would not necessarily fix your TLS issues though and tunnelling is not a necessity either.


#3

If I check through : https://downforeveryoneorjustme.com/ , it shows its down. I renew certificate now for with www and non-www … on my browser its working but on other machines not. Its really confusing.

Here I checked SSL : https://www.ssllabs.com/ssltest/analyze.html?d=fiduciashop.de&latest

Its look ok for me? naked domain and with www


#4

Thats because they dont support HTTPS

There is a much better site out there, which does support HTTPS :wink:
http://sitemeer.com#https://fiduciashop.de - its a shamless plug to be honest :man_shrugging:

First question, do you want to tunnel requests through Cloudflare or only use it for DNS?


#5

I want to use just for DNS, without tunneling


#6

Alright, next question, do you want it to work on HTTP too or not?


#7

No, it should be https only and http request redirect directly to https. I did it with nginx following config :

server {
    listen 80 http2;
    listen [::]:80 http2;
    server_name www.fiduciashop.de fiduciashop.de;

    ssl_certificate /etc/letsencrypt/live/www.fiduciashop.de/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/www.fiduciashop.de/privkey.pem; # managed by Certbot

    return 301 https://www.fiduciashop.de$request_uri;

}


#8

Thats the point. Right now it doesnt listen on HTTP at all, so no redirects either. Unfortunately I am not familiar enough with nginx to say if there is something missing.

But if you dont want to tunnel through Cloudflare, I’d say your setup looks pretty good and you only miss the HTTP listener.


#9

I figured out, I had a redirect nginx conf wich was pointing http to other domain. Anyway :

https://mxtoolbox.com/domain/fiduciashop.de/

say under “http” : The server committed a protocol violation. Section=ResponseStatusLine (http://fiduciashop.de)