SSL Active but site still not secured (I followed all the steps)

I have a site, still under construction: delamazonas.com
I followed every single installation step (changed dns records, installed flexible ssl plugin changed the ssl from full to flexible, made rule to force ssl for the entire domain.) But site is still showing the not secure message.

Please help!

Why would you do this? You just made your site insecure. It should be “Full strict”.

Ok, I changed again to full strict, still not working.

What should I do next?

Because you dont seem to have valid certificate on your server. Make sure you have that.

Then check out support.cloudflare.com and #Tutorials.

That doesnt seems to be a solution, I’ve installed ssl certificates with you before and there werent any problems, could you tell me exactly what do I have to do?

It does not? You need a certificate on your server and that error suggest you do not. So the solution is to configure a certificate on your server.

but still not secure

how do you explain this?

That site seems to check the certificate on Cloudflare, which is valid, but Cloudflare cant connect because you dont have a valid certificate.

Please, use the search. All of this has been discussed a million times.

For starters and the third time, make sure you have a valid certificate on your server. Once that is in place you can continue with any other issues.

Are you from cloudflare Customer Service? because you dont seem to be helping, if you know the issue, why dont you send a link to a tutorial or to a real solution?

What the … do you mean with “That site seems to check the certificate on Cloudflare, which is valid, but Cloudflare cant connect because you dont have a valid certificate.” this have no sense, you are saying my Cloudflare certificate is valid but it is not? Explain this please.

If you had typed “526 #communitytip” in the search - as I suggested - you’d have immediately found the tutorial in question

https://community.cloudflare.com/search?q=526%20%23communitytip

No, I am not saying your Cloudflare certificate is not valid and I never was. I said your very own server certificate is not valid. That is what you need to fix.

Unclear as to what the issue is. The site renders securely for me…

1 Like

Wow! good news… it doesnt show like that from here… Thx!

Did you configure that certificate on your server?

Could you explain me how to run a CURL?? do I have to do that from godaddy, from my computer or from elsewhere? …regarding the recommendation made in the link you sent:
curl -svo /dev/null --resolve example.com:443:123.123.123.123 https://example.com/

Assuming your server IP address ends in 166, it appears you did not install a valid certificate.

no that’s not my ip address

I followed these steps for installing the ssl

https://co.godaddy.com/help/instalar-manualmente-un-certificado-ssl-en-mi-hosting-cpanel-12027

That address does seem to return the same content as the screenshot posted by @cscharff though.

Anyhow, if you installed a proper certificate and your mode is “strict” you’ll have a secure site. Considering it now loads fine everything seems to be in place.

Thanks! Now I really don’t know what’s happening, yesterday a person in USA told me they saw the site protected, when I still was seeing the “Site is not secure” message, then, later at night I finally saw the padlock and went to sleep like a bird. This morning I’m checking my site and it is unprotected again… not safe… the encription mode was set to Full… now that I read your last message I change it to Full-strict… I’ll wait until something magic happen again… anyway…

PS: another think I did was to create a rule (attached) because I saw this recommendation somewhere… is it ok to have that rule?

You dont need that rule as you can set that globally without a page rule under your SSL/TLS settings.

As for your current issue, that is the very same issue I referred to several times yesterday. You still dont have a certificate on your server.

Sorry for my deep ignorance… but that’s chinese for me …and then why it showed as protected yesterday? that made no sense for me… I followed every single step of godaddy’s third party SSL installation guide… their CS wont help me because obviously they want to sell their thing… it is still a non solved mystery… any one with the same issue please help!