New universal certificate issued but site still shows not secure

My certificate expired, Cloudflare deployed a new universal certificate but my site ( which is free) is still showing as not secure. I am unable to access my site through Wordpress to update any pages. Can someone please help me to fix this. I have read all the tutorials and searched the community and nothing seems to work. I am not tech savvy and am learning as I go along. My site is jonathanpanetta.com.

Any assistance is greatly appreciated. Thank you.

Your domain isn’t proxied by Cloudflare at the moment. jonathanpanetta.com points to an Oracle IP address and it is that origin where the LetsEncrypt certificate expired on 10 October. You need to fix that first, then in the Cloudflare DNS set the A record so it is proxied.

3 Likes

Thank you for your reply. I received an email from Cloudflare stating they created a certificate through google trust services. Does this make a difference? I logged into Oracle and when I go to create a certificate it says there is no data available. This is very confusing and frustrating.

When you use Cloudflare you need a certificate on your server to protect the data that travels between your site and Cloudflare. The certificate that Cloudflare creates for you is used to protect the information as it travels between Cloudflare and your visitors.

Renewing the free Let’s Encrypt certificate on your server is one way to solve that immediate problem. You could alternately switch to using a free Cloudflare Origin CA certificate on your server. It still require that you enable :orange: the Cloudflare proxy.

Unfortunately I have no idea how to do this. I found this and I don’t know what to do from my end. I did not create my website. I cannot even access Wordpress to install anything either. Any suggestions is greatly appreciated.
: [

Let’s Debug

](https://letsdebug.net/)

Test result for jonathanpanetta.com using http-01

ANotWorking

ERROR

jonathanpanetta.com has an A (IPv4) record (129.153.54.177) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.

A timeout was experienced while communicating with jonathanpanetta.com/129.153.54.177: Get “http://jonathanpanetta.com/.well-known/acme-challenge/letsdebug-test”: dial tcp 129.153.54.177:80: i/o timeout

Trace:
@0ms: Making a request to http://jonathanpanetta.com/.well-known/acme-challenge/letsdebug-test (using initial IP 129.153.54.177)
@0ms: Dialing 129.153.54.177
@10001ms: Experienced error: dial tcp 129.153.54.177:80: i/o timeout

IssueFromLetsEncrypt

ERROR

A test authorization for jonathanpanetta.com to the Let’s Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.

129.153.54.177: Fetching http://jonathanpanetta.com/.well-known/acme-challenge/6P5jz7Hhz-wttdpUYd51vkx2duYdA8DdfUYaKkImHWk: Timeout during connect (likely firewall problem)

You may want to see if the Let’s Encrypt Community can help you identify why your ACME HTTP-01 is failing.

My September recommendation to hire a trusted technical advisor is still likely to be your best course of action.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.