HTTP is OK but HTTPS is not OK


My site is OK in http but not in https
i.e.: is OK is NOT OK
It returns Error 523. I have triple-checked my DNS and it should be OK.
Now I have no idea what is wrong. I will be very grateful if someone can help.


Sounds like Setting up SSL with Dedicated Cert - Error 523: Origin is unreachable

What's the domain?



What is the SSL mode you selected under Crypto?


Full (strict)


That would be good.

Does your server IP end in 164? If so, it appears as if your server is not configured for HTTPS. You’d need to make sure your server listens on port 443 and has a valid certificate configured (you can have a free origin certificate issued by Cloudflare).


Yes, my server IP ends in 164. I have already made the server listen on port 443 and it has a valid certificate.


I wouldn't want to post the full IP but if it is the one with the MD5 hash 82f03bac8b0bfe0d07bacd1cc490bfdc, it would not seem as if it listens on port 443. Check your local firewall. Maybe something is blocking the requests.


Sorry, I don’t understand MD5 hash `82f03bac8b0bfe0d07bacd1cc490bfdc` but I have opened port 443 now.


Still does not seem to be reachable I am afraid.


You can check it at Replace the Xes with the remaining bits of your IP address.


It said: “Appears to be down”…




Do you think it is really a DNS problem? I think http and https should have the same DNS configuration (though they use different ports). I don’t know why Cloudflare keeps replying to me saying it is (most probably) a DNS problem.


Did I mention DNS? It is an issue of your server not responding on port 443.


No, you didn’t but the Error 523 said: “Check your DNS Settings. A 523 error means that Cloudflare could not reach your host web server. The most common cause is that your DNS settings are incorrect.”

OK, I will try to see if there is anything wrong on port 443. Thanks!


We have already established that, have we not?


Yes, port 443 is indicated as open. But the page still couldn’t be loaded…


Where? You posted yourself earlier that it is not. The port simply is not reachable. You need to fix that on your server.


I have checked:
```
firewall-cmd --list-ports
22/tcp 80/tcp 443/tcp
```

So it should be open, right?
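
An added example, not part of the original thread: a firewall rule that allows 443/tcp does not show whether a web server is bound to the port or whether it serves TLS, so this Python sketch probes both ports and classifies the answer. The function names `probe` and `diagnose` and the hint texts are illustrative assumptions.

```python
import socket
import ssl

def probe(host, port, timeout=3.0, tls=False):
    """Classify how host:port answers a connection attempt."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"      # a reset came back: nothing bound, or a REJECT rule
    except socket.timeout:
        return "timeout"      # no answer at all: packets dropped on the way
    except OSError:
        return "unreachable"  # no route, or the name did not resolve
    with sock:
        if not tls:
            return "open"
        # Reachability test only: an origin certificate need not chain to a
        # public CA, so verification is switched off for this handshake.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        try:
            with ctx.wrap_socket(sock, server_hostname=host):
                return "tls-ok"
        except (ssl.SSLError, OSError):
            return "open-no-tls"  # TCP connects, but no TLS is served there

HINTS = {
    "tls-ok": "HTTPS port answers with TLS; the origin is reachable",
    "open-no-tls": "port accepts TCP but does not speak TLS; check the SSL vhost",
    "refused": "no service is listening on the HTTPS port, or a rule rejects it",
    "timeout": "packets are dropped; check the firewall zone and any upstream filter",
    "unreachable": "address or route problem; check the IP or hostname",
}

def diagnose(host, http_port=80, https_port=443, timeout=3.0):
    """Probe both ports and return (http_state, https_state, hint)."""
    http = probe(host, http_port, timeout)
    https = probe(host, https_port, timeout, tls=True)
    return http, https, HINTS[https]

if __name__ == "__main__":
    import sys
    # Pass your own origin address; 127.0.0.1 is only a default for a local run.
    print(diagnose(sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"))
```

Run it from a machine outside the server's network, because a check made on the server itself does not pass through any filter that sits in front of it.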