No SSL Certificate nor HTTPS Redirect after setup of Cloudflare on my Website

Hello!

Im the Owner of a Cloud Discussion Forum called cloudforum.tk

Today, i set up Cloudflare to secure the connection to https instead of http.
However although the configuration is correct and it shows in my dashboard that the certificate is active. it isnt shown on my website.

I also have the Page Rule set that it always uses HTTPS but it does nothing of that.

Do you have any solutions about this Problem?

If yes please let me know as quickly as possible, all help i get here is highly appreciated for me as im not a beginner anymore and i already set up cloudflare on many old websites i used to own and it worked without any problems.

That’s not how it works I am afraid. Your site needs to be on HTTPS before you even consider Cloudflare.

Make sure it has a valid certificate and loads fine on HTTPS and only then add it to Cloudflare.

It seems it took a bit of time to apply the changes. but it works now.

You still need a certificate on your server.

I use the SSL Certificate from Cloudflare

As I said, that won’t work and will still be insecure

How exactly do you mean that?

Also how do you even setup a ssl certificate on my server if im hosting on 000webhost?

How could I mean that? Your server needs to be configured for SSL and has a proper certificate.

If i view my Websites Certificate it says it uses the Certificate that Cloudflare offers,
so i dont get your point here.

That’s the proxy certificate

Also, check your encryption mode on Cloudflare, that should be “Full strict”.

its not on full strict.
Should i set it to it? if so,
what does this even bring me

Proper encryption and a secure site. Right now it is insecure and puts your visitors at risk.

How is it insecure if it literally is using https and is using cloudflare’s certificate

Can you explain to me how your site should be secure if you not have a certificate on your server?

It literally has a certificate from Cloudflare on it,
wtf dude

$ curl -I --resolve cloudforum.tk:443:145.14.144.64 https://cloudforum.tk
curl: (60) SSL: no alternative certificate subject name matches target host name 'cloudforum.tk'
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

My Website is hosted on 000webhost, so please explain to me how i can install a certificate on it?

You need to talk to your host about that. I’d also suggest to use the search as that topic has been covered more than once.

Bottom line, you need a certificate and “Full strict” otherwise your site is not secure and your logins are in plain text and expose your users’ passwords.

Alright i will enable Full Strict then, does it completely encrypt the account data of my users then?

Yes, “Full strict” will make sure everything that is sent on HTTPS is properly secured. Do not forget the certificate itself of course.

1 Like