I have installed orgin certificate but shows different ssl

Answer these questions to help the Community help you with Security questions.

What is the domain name? https://abgas.org.uk/

Have you searched for an answer? NO

Please share your search results url:

When you tested your domain using the Cloudflare Diagnostic Center, what were the results?
no_dnssec_found
not_found_ds_record

Describe the issue you are having:

I have installed Cloudflare origin certificate but my website displays lets-encrypt certificate.

What error message or number are you receiving?

What steps have you taken to resolve the issue?

  1. deleting and reinstalling certificates

Was the site working with SSL prior to adding it to Cloudflare?

What are the steps to reproduce the error:

  1. Yes i checked with ssl checker online and it was Cloudflare and later it was letsencrypt

Have you tried from another browser and/or incognito mode?

Please attach a screenshot of the error:

The Let’s Encrypt cert that you see is coming from Cloudflare edge.

The visitors will not see the Origin Certificate which is installed in your server, because visitors are not supposed to connect to your server directly but have to go through Cloudflare first for SSL termination. The Origin Certificate is valid for encryption between Cloudflare and your origin server only, which means only Cloudflare can see your origin certificate but not end-users/visitors.

Cloudflare can issue Edge SSL certificate from multiple certificate authorities, which includes DigiCert and Let’s Encrypt.

3 Likes

All sites I have shows verified by Cloudflare but this very one shows verified by LetsEncrypt. Secondly, I was confused with the certificate expiring date. In my Cloudflare accounts certificate shows expiring 2037 but the lock on the said domain (abgas.org.uk) shows something october 2022. Can you please help me understand that? Thanks

This is your origin certificate.

This is your edge certificate.

Edge certificate is presented to the user by Cloudflare and the origin certificate is used so that Cloudflare and your origin can communicate over HTTPS (encrypted).

1 Like

Please does it mean that the edge certificate will expire on 2022 rather than the 2037?

Yes.

It’s impossible for a publicly trusted certificate to have a validity period of more than 1 year.

To add onto this, Cloudflare will automatically renew your Edge Certificate, you don’t have to worry about it expiring.

3 Likes

Thanks sir…I’m ok now because I was worried about the renewal because of my previous experience with Cloudflare Origin Certificate. Thanks

My site is not showing the wordpress and the designed files but now showing a default hosting page. Please what could be the problem?


Please anything wrong here? I need help. My website not show the files but a default page.

The site works fine for me. Did you get it sorted out?

Please do you see the site is in the picture below? This is my actual design but im seeing a default coming soon page from my host panel.

Yes, I see your site… but there are still some problems with the theme (I guess). For example, that background image doesn’t load; you’re loading it from another server, i0.wp.com, which returns a canonical link header to the image on your server. If I replace the i0.wp.com link with the one from your server, it works.

So yes, the site loads but you have some problems with your Wordpress setup that are beyond the scope of what Cloudflare can help you with.

The site works fine some few hours ago, and I don’t know what is actually happening. I will correct the issue.

I have deleted the site from Cloudflare and it works fine without the ssl…every design shows with no error. What probably maybe the error?

It doesn’t work at all for me now.

Maybe its propagating but it may show insecure site because the ssl is off for now. I’m even working to remove some bad links then reinstall orgin certificate back.

The i0.wp.com, its the header i will work on it

As far as I can see cPanel from the screenshot, and you’re using Cloudflare Origin CA Certificate, may I ask if you’re using an e-mail too via that cPanel account/hosting? :thinking:

Cloudflare Origin CA certificate cannot be used for e-mail related hostname.
It works only for web traffic (HTTP / HTTPS).

Meaning, you cannot use both AutoSSL for “mail” hostname and Cloudflare Origin CA certificate for “domain.com www sub, etc.”, as far as cPanel unfortunately installs that Cloudflare Origin CA certificate for all sub-domains automatically, therefore no way to use AutoSSL only for e-mail.

Furthermore, cPanel will always say “expired” or “not valid” certificate warning for Cloudflare Origin CA certificate if you’ll be checking this, just as a side note.

I got error SSL_ERROR_RX_RECORD_TOO_LONG.
Your website is not working for me.
Also, Malwarebytes throws me one warning once I try to open it - maybe some malware script or SSL issue? :thinking:

As I checked, you’re using Namecheap private e-mail, so the above question from me about using cPanel e-mail → all good, ignore.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.