Hello, I’ve recently updated the nameservers in GoDaddy and added my DNS records to Cloudflare, but I’m experiencing issues with mpsuae dot com not loading.
Do you have any “Edge Certificates” here?
→ https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/edge-certificates
On the bottom of the same page linked above, can you try:
-
Disable Universal SSL
-
Wait 15-30 minutes
-
Enable Universal SSL
Then refresh the page, and check if something pops up in the area that currently says “No certificates”?
I did the same, but no pop up appeared or anything and where i check my website i found screenshot attched and server down
I did the same, but no pop up appeared or anything and where i check my website i found screenshot attched and server down
That “Web server is down” message would indicate that Cloudflare is unable to reach the server you’re pointing the AAAA or A record(s) to.
I would check that you’re pointing your record(s) to the right IP address(es) of your server, as well as that you do not have any firewalls or other security solutions that may be blocking or otherwise rate-limiting Cloudflare’s IP addresses.
Alternatively, if you’re renting some webspace through a hosting provider for the website, I would start by verifying the IP address(es) with the hosting provider.
my DNS settings are the same. they were on godaddy and now moved to cloudfkare after i update nameservers from cloudflare on godaddy. The ip address is accessible and it works fine. Here is attached my dns settings
Mind if I ask how exactly are you testing this?
When I am looking, from multiple locations across the world, I’m unable to reach the IP address from your A record, that appears to be the same one your www points to with the “cloudapp.azure.com” CNAME.
2 Likes
Hi @DarkDeviL sorry the IP address was not accessible at the time you were trying to access due to VM was closed due to scheduled shutdown time, if you try now it should
work
What’s your current SSL/TLS encryption mode?
Using the IP address, I see HTTPS doesn’t work at all (ERR_CONNECTION_REFUSED). So it seems you don’t have a TLS certificate installed at the origin at all, which is a requirement to use FULL or FULL(Strict) encryption modes.
And if you still don’t have an Edge certificate issued at all, then you can’t use any of the encryption modes.
So let’s deal with one problem at a time. Let’s first get the domain to work… before we turn on the Cloudflare proxy and attempt to get Universal SSL to work.
Go to your DNS settings screen and temporarily change the zone to DNS-Only mode. This will disable the Cloudflare proxy services, reducing Cloudflare to merely resolve the hostname to the configured IP address.
Please do this and provide feedback.
1 Like
Hi George thanks for your update. I have updated DNS settings to be DNS ONLY and I can see my website is accessible through mpsuaedotcom while www is not working. Kindly refer to attached screenshots for reference
1 Like
Thanks for the update. At least we’re making some progress.
www is still proxied, that’s why it’s still not working. If you disable the proxy for www as well, it should work. But leave the proxy ON and let’s continue with further tests.
Please temporarily disable Universal SSL (ie set your SSL/TLS encryption mode to OFF) and let’s test to be sure www (which is currently proxied) will work. If it works, then the issue is just SSL/TLS… and we can tackle that next.
Standing by.
yes, I have disabled Universal SSL but still www is not working
Thanks for the update.
I can see HTTP is being redirected to HTTPS, but only for www (which is proxied).
Do you have “Always Use HTTPS” enabled in Cloudflare (under Edge Certificates)?
Also, any chance you can get a valid SSL certificate installed at the origin server?
Yes I had always use HTTPS enabled, now after I disabled it www is working
Origin server is VM from ms azure
OK, thanks again for the update.
Now we know 100% the reason the site wasn’t working is SSL. You can turn the proxy back on for the apex domain (the one you set to DNS-only earlier): it should work now, but only with HTTP (ie no HTTPS).
HTTPS will still not work for both the apex domain (https://example.com) and and www subdomain (https://www.example.com). Let’s tackle that next.
OK. Can you install an SSL certificate for your domain on the MS Azure VM? Is that a possibility? (You’ll find a lot of tutorials online on how to install a free LetsEncrypt certificate.)
3 Likes
Hi George thanks again for your update. I have reverted the dns back for record A as proxied. I have a question if i get ssl certificate and install on the vm will this make all requests to my www or subdomain sercure or it will still show as not secure?
@GeorgeAppiah hi George sorry for late reply, I have tried to install sll certificate using ACME on IIS and always receiving below error
“Failed to create order: Error creating new order :: Cannot issue for “*”: Domain name contains an invalid wildcard. A wildcard is only permitted before the first dot in a domain name”