no SSL certificates installed
error in DNS A records
no SSL certificates and error in DNS A records
removed and re-added domain
same error every time
The domain is not using Cloudflare nameservers…
https://cf.sjr.dev/tools/check?578bbc2d03c54f8e964c72e938cd3155#dns
If you have just added the domain to Cloudflare, certificates can’t be issued until the domain becomes active so you need to set the 2 allocated nameservers at your registrar.
This did NOT fix it… I change my name servers to cloudflare and my site went down saying it’s not secure… I still have errors on the dns screen and no universal certificates assigned!
It’s an essential step in getting the certificate, so it wouldn’t work without that being done. At the current time, the nameservers still aren’t set to Cloudflare…
https://cf.sjr.dev/tools/check?57e5193e10484df782aa86202be218bd#whois
You can set your DNS records to “DNS only” or pause Cloudflare so requests go direct to your origin while having the Cloudflare nameservers in use as it can take a little while for the certificate to be issued.
As I said, when I changed my nameservers to cloudflare it BROKE MY SITE.
I obviously changed them back to my true ns so my site will come back up!
As I said, pause Cloudflare (or use “DNS only”) then you can keep the Cloudflare nameservers if you have set the DNS records in Cloudflare.
If you keep changing the nameservers away then any issues can’t be diagnosed. The certificate can’t be generated without the nameservers in place.
Also make sure your SSL/TLS mode is set to “Full (strict)”.
I know you think you’re helping, but I already have sites in cloudflare and I know how to set them up.
I’m not going to leave my site broken! I have thousands of pageviews every day and leaving my site down is not an option.
I’ve had to completely remove it from cloudflare and it is back up and running now.
Something is wrong with the record at cloudflare and it keeps getting errors in red lines at the bottom of my brower.
This is not due to some setup issue on my part.
@dananon, you’re not going to get a lot of help if you keep downvoting accurate responses.
The DNS-Only approach is spot-on correct. You can then use Cloudflare name servers, and your current site’s SSL certificate until Cloudflare can issue its own certificates.
If you’re familiar with Cloudflare then you know you can simply set the DNS recoprd to 
.
Cloudflare won’t issue a certificate for an arbitrary domain added to it’s platform. Imagine what would happen if you could add microsoft.com to Cloudflare and they were able to issue a valid certificate for the domain.
Again, you’re making a lot of assumptions. I have owned this domain for years and it’s working great with a valid SSL certificate right now.
This is not something you can help with, it seems.
I’ve created a support ticket, and I’m hoping for someone who can help with this particular issue instead of trying to insinuate that I just don’t know what I’m doing or that I don’t even own the domain.
I’ve added the NS records as required in my registrar and cloudflare breaks my site as soon as the ns propagation is done, with no certificate assignment in the universal SSL section for my domain.
If someone can help, please let me know.
I’m downvoting replies that do not help…
Pausing does not solve the problem.
That comes across as a lack of appreciation for people who are trying to help. I suggest you re-think that approach.
Your domain still isn’t using Cloudflare name servers. As long as that’s the case, you’re not going to make any progress.
Ok, I hear you. I may be showing my frustration in my replies and I apologize for that. I hope everyone can forgive me.
I have removed this domain from cloudflare because it was causing issues and my site was essentially down.
I’ve added and removed several times. I’ve made sure all of my DNS entries are listed for the domain in cloudflare. I’ve modified my authoritative name servers to point to cloudflare and as soon as cloudflare propagates and begins serving up the site, it crashes on SSL. I have set to strict because I require https on my server, and I’ve tried allowing http on my server and setting cloudflare to flexible with the same result either way.
I think the problem may be duplicate records. I get red errors on my screen with invalid id and things like that. I have two accounts for some reason, with the same login. I’ve removed the domain from both of them, and tried only using the same account that has working domains in cloudflare, but nothing I’ve tried makes any difference.
If you can help, please let me know.
Thanks,
Dan
Ok, I hear you. I may be showing my frustration in my replies and I apologize for that. I hope everyone can forgive me.
I have removed this domain from cloudflare because it was causing issues and my site was essentially down.
I’ve added and removed several times. I’ve made sure all of my DNS entries are listed for the domain in cloudflare. I’ve modified my authoritative name servers to point to cloudflare and as soon as cloudflare propagates and begins serving up the site, it crashes on SSL. I have set to strict because I require https on my server, and I’ve tried allowing http on my server and setting cloudflare to flexible with the same result either way.
I think the problem may be duplicate records. I get red errors on my screen with invalid id and things like that. I have two accounts for some reason, with the same login. I’ve removed the domain from both of them, and tried only using the same account that has working domains in cloudflare, but nothing I’ve tried makes any difference.
If you can help, please let me know.
Thanks,
Dan
That’s the concerning part. Can you post a screenshot of those, or paste in the error messages?
Even if the Community can’t solve this for you, Cloudflare Support won’t be able to, either, unless you’re using Cloudflare name servers.
Those errors you are seeing may be part of the problem.
Ultimately, if the domain is active on Cloudflare (even in DNS-Only mode), just make sure Universal SSL is enabled. Cloudflare should add the necessary TXT records behind the scenes in order to issue SSL Certificates.
Thanks for the reply.
Errors were some “invalid Id” and others I failed to screenshot. Here’s one screenshot from when I could not enable universal ssl after disabling it. I was able to reenable from another domain which affected all of them, including this one.
People were trying to help me reset my password from that error, but I am logging in just fine and don’t have any password reset going on. It’s a bogus error I think…
I understand that cloudflare SHOULD add the universal certs once I have the ns set, but after setting the ns and waiting for propagation my site went essentially down with no ssl and cloudflare never assigned any certs.
Sure. I am making those assumptions based on experience.
I am not insinuating anything about your ownership of a domain, I am explaining why your record needs to be until you demonstrate ownership of your domain by changing your nameservers to the pair in your account. Only when your domain has become active on Cloudflare can it make a request for an SSL certificate on your behalf.
Do you have other issues like invalid DNSSEC or other common issues described by some guy making assumptions? Shmaybe.
It won’t when you have Universal SSL set to disabled.
Thank you, and I understand. That screenshot with the error was when I was troubleshooting and had it disabled, but I was able to turn it back on with another domain and it turned it back on for all domains.
I had it enabled and set my ns and waited for propagation and it never gave me any universal certs.
