Issue with SSL certificate and subdomain

Website, Application, Performance Security
1

Hi,
I am very new to this ecosystem and would really appreciate if the answer is toned down to my level.

My situation looks unique:
Domain purchased at Godaddy
Nameservers and SSL: Cloudflare (recently transferred from Godaddy)
Webhosting: Google Cloud Program (Static hosting using buckets)

I have a 2 part situation:

  1. When I type, “www.dname.ca”, it is loading the website with “Not secure” as SSL status
  2. When I type, “dname.ca”, it is not loading anything (blank white, no error, nothing) with secured lock as SSL status. When I tried this in Incognito mode, it is showing a page with a message saying, “Our domain broker service may be able to get it for you. Find out how”.

Suggested:

  1. I want both the variations to load the whole website,
  2. I want both the versions to have SSL as secured

Current settings:

  1. SSL is set as “Flexible” to avoid the 525 handshake error
  2. “A” DNS record added (Name: dname.ca, content: IP Address) in Cloudflare with IP address of the Cloudflare name server(I guess)
  3. A “CNAME” record added (Name: www, content: c.storage.googleapis.com) with my Google hosting record. This I have added in Godaddy before the transfer to Cloudflare.
  4. Tried to add a new CNAME record with www and IP address, error 1004 pops up.
  5. In Google Cloud Platform, the website is created with the bucket name, “www.dname.ca”, and not “dname.ca”.

My idea (Not sure where to find it: If somehow dname.ca redirects to www.dname.ca and with an SSL certificate as secure). Godaddy has these settings, but when I switched my nameserver to Cloudflare, I am not able to find these nor add a new CNAME.

Please do help me with this situation.

Thank you,
Hari Kishan

2

That’s not an error but because you do not have a certificate on your server. You need to install that first.

3

Hi Sandro,

Where can I do that? On Cloudflare? Can you point me to a link where I can know the procedure to do that?

Thank you.

4

Found one link online, trying it out now.

5

On your server. You need to configure the certificate there. You best talk to your host about that.

The steps you should do

  • Switch to “Full strict” on Cloudflare
  • Pause Cloudflare for the time being (bottom right on the Overview screen)
  • Talk to your host and make sure you have a valid certificate
  • Ensure your site is loading without Cloudflare on HTTPS
  • Only then unpause Cloudflare
1 Like
6

Hi Sandro, I followed the steps as you mentioned. Also, created a key and pem file and stored it on host. But the site is not loading on HTTPS (without cloudflare). Same issue.
Should I take it up with Google Cloud (my hosting partner)?

7

Created? How? Is that a valid certificate, trusted by browsers?

What’s the domain?

8

Used the option of “Create Certificates” in “origin server” section of cloudflare.
Then a key file and a pem file are generated.

Copied the keyfile content and pasted in a sublime text document titled, “dname.ca.key” and did the same thing with the pem file, “dname.ca.pem”.

Then copied these two files onto the Google Cloud Platform bucket (All my html, css files are here).

9

So an Origin certificate? Yes, that won’t be trusted by browser, but will be trusted by Cloudflare.

If you are on “Full strict” you should now try to unpause Cloudflare and the connection should work and be secure.

1 Like
10

Create certificate
Create certificate1033×192 8.29 KB

11

Yeah, that should be all right.

1 Like
12

I did unpause and rechecked it on my browsers, same issue (except Firefox).
Checked it on my friend’s machine (3 browsers), Working well.
Maybe my machine has cache of old pages.

Thank you so much Sandro. You have been really helpful! Kudos.

Thank you, Cloudflare community.

13

On your machine that will just be a DNS propagation issue. Just wait a couple of hours.

1 Like
14

This topic was automatically closed after 30 days. New replies are no longer allowed.