Issues setting up SSL for my website

Security
#1

Hello, Sorry if this is a stupid question, I am new to SSL stuff (networking in general)

I am trying to get my website an SSL certificate using CloudFlare’s free flexible certificate.

Once I switch to the flexible SSL my website is no longer accessible, returning a 521 Origin Down Error
You might be thinking, oh well he didn’t change his origin. I listed everything I’ve done below.

Just for the record the origin is an Ubuntu 18.04 Server box running a Node.js ExpressJS app

  1. I made sure the port (443) is open on the router
    – I checked this with one of those online port checkers, the port is definitely open.
  2. I ensured that the Express application was running on port 443
  3. I ensured the origin is running (just in case)
  4. I made sure to allow 443 through ufw

At this point, I’m at a loss as what to do to get SSL/https enabled on my website

I’m sure I’m doing something wrong, so please let me know and thanks in advance!

Edit: I fixed this

Now I’m just wondering how to get the end to end enabled.

I made a certificate here

image
image1321×516 27.2 KB

And made the files on my server image

Added an https configuration

image
image853×246 9.48 KB

But now I’m getting a 525 error. Does anybody know how to fix this?

#3

Switch to Full strict and it is likely to work. Flexible should never be chosen, unfortunately Cloudflare does not make that clear enough :wink:

#4

Switching to full strict gives me the 525 error. I followed the instructions I listed above. Am I doing something wrong

#5

Then the certificate on your server is not correctly configured. Pause Cloudflare to send requests directly to your server and sort the certificate issue out first. Once that is working unpause Cloudflare.

#6

I’ll see lol. I have no idea how to properly set up the certificate so I’m gonna have to look that up. I just downloaded the certificate from the origin server category but I’m not sure how to set everything up lol

#7

If you downloaded both parts (the certificate and its key) you should be all set. It probably is not properly configured on your application’s side. Look into any errors it prints. Stackoverflow might also help.

#8

Thanks! I’ll ask on there lol.
I tried using https to create a server but that hasn’t seemed to work

#9

This topic was automatically closed after 30 days. New replies are no longer allowed.