Looks like my SSL should be active but it's not, heres my issue and what I have tried

#1

My site chriskieran.com is a static site hosted on an aws s3 bucket.

Everything on my cloudflare account indicates the domain is active and secured. Full (strict) SSL, always use HTTPs, certificate has been ‘active’ for well over a day. Im constantly clearing my caches and testing from different.

Troubleshooting this has been really weird. I feel like I have tried all the suggestions from this thread: Why isn't my SSL lock showing in the browser?

The best lead I have so far is from nopadlock test result -my site passes their main five tests:

Force HTTPS  Your webserver is forcing the use of SSL.
Valid Certificate  Your SSL Certificate is installed correctly.
Domain Matching  Your SSL certificate matches your domain name!
Protected Domains:
sni.cloudflaressl.com
chriskieran.com

*.chriskieran.com
Signature Your SSL certificate is using a sha256 signature!
Expiration Date Your SSL certificate is current. Your SSL certificate expires in (x) days.

BUT it throws a ‘mixed content’ error:

The Mixed content tests failed. Please be sure that you can connect to your site over SSL and try again.
Error Returned: Navigation Timeout Exceeded: 30000ms exceeded

I’ve gone back into my code and made sure all instances of HTTP are now HTTPS but it still fails this test. Also, other users mixed content errors seem to appear in the javascript console and mine is not.

Any help is appreciated!

0 Likes

#2

Two minutes after I post this and the site is now DOWN. This is crazy. I submitted a ticket about two days ago but just got an auto response saying because I was not on a paid account I was unlikely to hear back for a while. :frowning:

0 Likes

#3

It looks like you’d have already set this, but just in case some third-party JS is requesting http, make sure you have on Crypto tab:

0 Likes

#4

I have that on but thanks for double checking!

1 Like

#5

The insecure site is now back online after I set up an AWS cloudfront distribution as that was a fix for another user. Cloudfront support wants me to install the certificate file on my web server (apache etc) but its just a static bucket site. ugh.

0 Likes

#6

Hi @chris.kieran, are you using a self-signed certificate on your origin (one generate from the Cloudflare dashboard)? If so, set ssl to full, not Full(Strict).

0 Likes

#7

I don’t believe so? I’l try that setting just in case but if im understanding the docs correctly I want use Strict.

Certificates for chriskieran.com,*.chriskieran.com

The certificates in the pack listed below are managed and auto-renewed by Cloudflare.

Certificate
Expiration
SHA 2 ECDSA
Managed by Cloudflare

0 Likes

closed #8

This topic was automatically closed after 30 days. New replies are no longer allowed.

0 Likes