Https stopped working all of a sudden


#1

My website has been online for the past 3 months but today it shows up as non-secure. What could be the problem?


#2

Could you give me the website so that I can look at it? From the time period you mentioned; I’m assuming you had a Let’s Encrypt certificate that has expired.


#3

To temporarily get your site back online. Under the Crypto tab change the SSL option.
If it is currently set to Full SSL (strict) set it to Full SSL. if not set it to Flexible SSL. Then renew the certificate and than you can change the setting back to Full SSL (strict). Certificate renewal should be done automatically via a cron job every 2-3 months to avoid this problem in the future. Normally all letsencrypt clients do this by default.

What SSL setting should I use?

This setting controls how Cloudflare’s servers connect to your origin for HTTPS requests. We recommend enabling the Full SSL (Strict) setting if possible. Common use cases for each are:

Off: No visitors will be able to view your site over HTTPS; they will be redirected to HTTP.

Flexible SSL: You cannot configure HTTPS support on your origin, even with a certificate that is not valid for your site. Visitors will be able to access your site over HTTPS, but connections to your origin will be made over HTTP. Note: You may encounter a redirect loop with some origin configurations.

Full SSL: Your origin supports HTTPS, but the certificate installed does not match your domain or is self-signed. Cloudflare will connect to your origin over HTTPS, but will not validate the certificate.

Full SSL (strict): Your origin has a valid certificate (not expired and signed by a trusted CA or Cloudflare Origin CA) installed. Cloudflare will connect over HTTPS and verify the cert on each request.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.