Possible SSL issue, unsure of DNS settings

cdn

#1

Hello Community!

Thanks for checking out this post. I admit myself a little lost in all of the setups I have to do in order for my site to function properly. Here’s my situation in short:

  • A few weeks ago, I started my website with Bluehost. Their plan entitled me to a free SSL certificate. Being that my Domain Registry is different, I first had to change my DNS settings to Bluehost. Once everything had propagated, they were able to issue my certificate.

  • 2 Days ago, I registered my website on CloudFlare. I did the DNS change as per the instructions but, I must admit that being unsure of which settings to check on or off, I just switched them all on (the orange clouds).

  • Yesterday I tried going onto my website and it returned ERR_TOO_MANY_REDIRECTS (Pretty sure). And when I tried to access my cPanel, I also couldn’t.

  • I contacted the host provider customer support, at which point they explained that it had to do something with my SSL certificate and that I’d have to change my settings in CloudFlare. Upon visiting these forums, I saw someone explaining how CloudFlare gives a free SSL that might clash with the original certificate.

  • Now, in order to just have it working again, I just switched all the DNS settings back off. Which after an hour or so, led it to all work again. (Yay!) But this leads me to understand that something somewhere is indeed clashing.

I honestly don’t care much how my SSL is provided, as long as it works. Can anyone help me out in understanding this a little better? E.g. Which clouds should be switched on or off, how can I deactivate an SSL certificate from my original cPanel, how I make sure this SSL is working properly on my website and whatnot.

I’m happy to provide more details if you see holes that need to be filled to understand better. Again, thank you for helping out.

Best


#2

There is a tutorial on Enabling the 'Orange Cloud' :orange: which explains which records should be set to :orange: and which should be left :grey:.

What is your SSL mode in Cloudflare? Flexible can cause the redirect error (and is not secure). If you have a valid SSL certificate installed on your server, change the SSL mode to Full (strict).


#3

Hi Dom!

Thank you so much for your super fast reply, this does lead me to understand it better. I had switched my SSL settings to Off. So since I already have a valid SSL certificate, I should be switching this to Full (strict) ? And thank you very much for the post about the cloud, it does help a lot. From what I gather, I should switch on all of which are A, AAAA and CNAME except from my mail service. The one I understand a little less is “•If you are trying to validate a service with a record”

I’m not too sure what that would mean, would you have an example?

Again, thank you very much for the help


#4

CNAME_Records

I don’t know if this helps, here’s what my CNAME and A records are that can be changed


#5

Yes, definitely.

This is correct. If you use FTP etc, this should also be set to :grey:

This would be if you were asked to validate your ownership of a domain by a service you are registering for

No problem, happy to help :slight_smile:


#6

You’re amazing, thank you so ■■■■■■■ much, pardon my French.

So I switched everything on except what I saw included the word ‘mail’. Including POP3 and IMAP and whatnot who indicated as an alias of my mail service.

Switched my SSL to Full (strict).

As it stands, everything seems to work quite fine! I’ll be sure to write back should I have another question :smiley:

I do have one final question which I think is really only a standard message. After switching on what I had to, I have this message still showing at the top:

Warning


#7

No problem! I try to help :grin:

The exposing origin IP message is normal and cannot be avoided on shared hosting or where your mail is hosted on the same server as your website.