Kaspersky flags Cloudflare certificate as "incomplete"

If I try to access my site carolinagospel.com using https, it’s flagged by Kaspersky as “untrustworthy.” The certificate is from Cloudflare and set to “full.” I’ve attached a couple of screenshots. I’m looking for help on how to resolve this conflict.

Origin certificates aren’t meant for public connections. Only for sites :orange: Proxied by Cloudflare.

The domain you mentioned is not using Cloudflare name servers, though the ‘www’ subdomain is aliased to a Cloudflare hostname. That’s a strange configuration. And ‘www’ redirects to non-www, so it’s not going to work.

Why isn’t that domain using Cloudflare name servers?

1 Like

Cloudflare was set up through my host Media Temple.

I’m getting to the point where I’m out of my depth on owning a website, I suppose. I don’t understand half of any of it any more.

Also, the Wordpress site carolinagospel.com was installed using Media Temple’s installer.

I’m not a fan of using third party Cloudflare setups. It makes it difficult to overcome shortcomings.

Unless MediaTemple can issue a regular SSL/TLS certificate (Let’s Encrypt/Comodo/etc), I suggest you undo their Cloudflare setup and start from scratch through dash.cloudflare.com (+Add Site). It’s much more workable this way.

OK…thanks for the help.

I may have found a workaround. In my DNS Zone file at Media Temple, there was a CNAME for www.carolinagospel.com pointing to www.carolinagospel.com.cdn.cloudflare.net but there was not one for carolinagospel.com.

So I added a CNAME line for carolinagospel.com matching the CNAME line for the www. version.

I’m not getting the Kaspersky warning now. Fingers crossed…

If it comes back again, I can refer back to this thread, and try the steps you suggested.

1 Like

This usually doesn’t work unless the DNS system is clever enough to flatten that CNAME. (it’s technically not “legal” to have CNAMEs for the apex domain)

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.