Site still not secure after enabling SSL - apache2

I’m sorry that this might be a dumb question. There are other threads about this which aren’t answered or haven’t the exact specifications of my problems.
I am trying to make a website. I registered a domain with Cloudflare, set up a raspberry pi at my house and port forwarded it to port 80. It is running Ubuntu server and apache2, all consistently at the newest version. I decided I wanted to get rid of the not secure warning, so tried to set up HTTPS. I changed my virtualhost in apache to port 443 and port forwarded that in addition to port 80 (yes, I reloaded apache2 and even restarted my server). In Cloudflare dashboard under SSL/TLS in Origin Server I created a certificate. I uploaded them to my server. In my virtualhost I added SSLEngine on, SSLCertificateFile (pem thingy from cloudflare), SSLCertificateKeyFile (the secret key from cloudflare) and SSLCertificateChainFile (the Cloudflare Origin CA certificate which is available from their website). I have tried pausing cloudflare. I have run a2enmod ssl on my server. Firefox says it’s not secure without much further information. Now, the site defaults to connecting with HTTP. In chrome it says “not secure”. When I change the address to HTTPS:// I get a security warning in chrome and firefox. Chrome says NET::ERR_CERT_AUTHORITY_INVALID on HTTPS. I have not got any different results with a VPN or TOR.

TLDR I’m a server noob, my site isn’t secure.

Might I add that my DNS is set to DNS only, because proxy messes up the minecraft server I also run on the same address.

Using a Cloudflare origin certificate requires using the proxy as the certificate is only trusted by Cloudflare…

You’ll need to use an SSL certificate from LetsEncrypt or another trusted CA if staying with DNS only. Otherwise you can create a subdomain for the website (www) or game server and proxy the webserver record and leave the game server subdomain as DNS only.


Thank you so much! I was worried it might just be a really dumb and simple thing like this, and that was the case. Thank you for the shockingly speedy reply, that worked perfectly immediately.


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.