Site down, need help!

Hello,

We have our site hosted at GoDaddy, we are slowly transitioning away from them, but are not ready to make a fun switch.

So, we have our domain at Go Daddy with a website and an SSL Cert. It turns out our GoDaddy cert was renewed two days ago, and at the same time our CloudFlare cert had expired.

I spoke to a salesperson at CloudFlare and they told me that our site is down because the CloudFlare Cert had expired. He told me that if I upgraded our account and got a new cert everything would start working.

He felt that we were receiving a secutrlity warning on our site because the cert expired. We went ahead an paid CloudFlare and received a new cert but our site still has the security error and still reports the certs is expired.

The is causing us a lot of issue with our customers so is there anyone that can help me understand what is wrong with our setup?

ANY help would be greatly appreciated!!!

Best

What’s the domain?

Oh so sorry, right, I should have out the domain!!!

The Domain is https://www.streamlistapp.com

Thank you !!

Sorry the domain is: https://www.streamlistapp.com

Your domain does not appear to be proxied (:orange:) through Cloudflare, the certificate that expired is the one at GoDaddy.

image

1 Like

Well, GoDaddy tells me it is not expired, plus, if I go to my GoDaddy account I see that is was renewed one the 29th of this year (Yesterday) and is good for 1 year. I can send you a screenshot for verification if you would like to see it.

Where did you see the info you sent?

It’s in the certificate presented by your site. Chrome’s Dev Tools (Security tab) helps with tracking this issue. Or the Advanced button on the big warning screen.

1 Like

Hmmmm, YES, I agree and know exactly what you are talking about, BUT, why does the cert show valid on the GoDaddy Site. I have checked it several times myself and spoke with them 3 times… each time they were adamant that the cert is renewed and valid.

Given that the site isn’t proxied by Cloudflare at the moment, all the issues are on GoDaddy’s side and Cloudflare shouldn’t be involved. Perhaps share the screenshot of the cert presented with them and ask them to explain it, if they say the cert is valid.

1 Like

What is the impact if i Proxy the site?

Maybe I am not sure what you mean by proxied? We do have our Nameservers pointing to Cloudflare. The cloud flare sales guy, when he informed me about purchasing an account, explained it would give us a new cert and that may fix it. He indicated that GoDaddy works fine with Cloudflare until the cert needs to be renewed, he said they block that or something. From our conversation I thought he was saying that our GoDaddy Cert is renewed but on the Cloudflare free plan when the cert expires GoDaddy has an issue. So we went ahead a purchased Cloudflare to get a new cert.

I know this is confusing, but I appreciate your help with this. We need to get this fixed, so thank you again for you help!!!

If you proxy the site, you enable Cloudflare’s services and their SSL on the site.

With an invalid certificate on the server as you currently have, you can use Cloudflare’s Full SSL mode so the user will see the valid Cloudflare certificate.

1 Like

You could somewhat cover up the invalid certificate because, at that point, Cloudflare would front your site, however it would not fix the actual issue of an expired certificate on your server. Because of this you would have to use a less secure “Full” instead of “Full strict” on Cloudflare.

The best approach really would be to get your host to fix their certificate as they claimed they did.

2 Likes

Ok, so after the conversation with you I reached out to GoDaddy again, but this time I switched the name servers back to GoDaddy then they would have no excuse.

So changing them back did show that GoDqaddy is the issue and they have the cert wrong. I finally got them to see it and they made some changes because they had something messed up.

Anyway, the site did come up after a bit when the made some changes.

I just changed the name servers back to point to CLouFlare so once that starts to happen I will look into it agin. I am also a bit pissed off because Cloudflare suggested I make a purchase that I most likely do not need … YET!!!

Than k you for your help and if I still have an issue after the name servers take effect I will reach out again.

Best

2 Likes

Thats a different issue though.

I’d seriously suggest to switch to another host, as the entire issue started with Godaddy and they have proven their - well, I dont want to use the word “incompetence” :smile:

As for the Cloudflare certificate, I guess this was bad advice from their support. In most cases dedicated certificates are not necessary any longer these days. I’d contact them for a refund, which IMHO should be in order here. @cloonan

1 Like

Hi @tscamurra, can you share your ticket number with support? I’ll follow up and investigate. Sorry for the troubles.

2 Likes

Hello,

I do not have a ticket because I could not figure out how to reach out to Cloudflare Support. I could only find links to the cloudflare community on their site.

So YES, I agree with you. I can tell you now that I changed the name servers back to point to Cloudflare our site is down again. However, with a different error. I think this is due to the fact that he FREE cert was deleted and the dedicated one is in place. Could this be true?

1 Like

Ehm, you are using Cloudflare’s nameservers, but you are still not proxying but instead hitting your host’s servers directly, where there is still an expired certificate.

So far not a Cloudflare issue, Godaddy still hasnt fixed it.

1 Like

LOL, ok, I do agree. Couple questions:

  1. When the NameServers point to GoDaddy the cert was bad but it does appear to be valid now. So because it was working and showing good, I changed the NameServers back, BUT, do I need to remove the expired one from GoDaddy?
  2. If I enable proxy will that correct the problem? At least until we get off of GoDaddy?

Thanks for the help!!

Check if your DNS configuration on Cloudflare matches the actual IP addresses. You actually have two IP addresses configured on Cloudflare. Is that right? If you point to the wrong addresses, it wouldnt be much of a surprise that you get incorrect certificates.

If you downgrade from “Full strict” to “Full”, though I really wouldnt advise that, as that setting is less secure and vulnerable to MITM attacks. If you use it, please really use it only for a few days until you migrated and can switch back to Full strict.