SSL after joining cloudflare

Hello Team. can i be assisted on this one issue please. I have recently listed my domain on Cloudflare. After joining Cloudflare, i bought a wildcard SSL from godaddy and installed it on my server now, issue is, i cant get it to reflect on my browser. In my Cloudflare account i get a notice that says, Ineligible for SSL. I guess this is why i am not getting my SSL to work. the domain is a .co.zw domain and its on the free Cloudflare account.I have tried following this link: https://support.cloudflare.com/hc/en-us/articles/204468848-How-do-I-access-or-change-any-of-my-SSL-settings-?flash_digest=5367ef830f6c7dfd7429e1c04ac968154ebe85ac but i am unauthorized to view its content.

Thank in advance for the assist.

Zimbabwe is one of the countries restricted by Cloudflare’s main CA, Comodo, out of concern for United States export and sanction laws.

https://support.comodo.com/index.php?/Help Center/Article/View/989

Depending on Cloudflare’s own legal interpretations and policies, they might use one of the other CAs they work with, or they might not obtain any sort of certificate.

2 Likes

thank you for the feedback. So, how do i get SSL while on Cloudflare? Does this mean because of sanctions, i cant get SSL even if i purchase another third party SSL certificate (godaddy in my case)? Isn’t there a way i can get SSL?

So the ineligibility is beause they dont get certificates issued for a legal reason.

Hmm, so it would require a business account and a custom certificate to get a .zw domain on TLS at Cloudflare.

1 Like

Maybe, maybe not.

Cloudflare works with 3 CAs. Solving this may be as simple as filing a support ticket and asking them to try one of the other CAs.

Or not.

1 Like

What I find interesting however, is the way this ban is implemented. Why is the top-level domain sanctioned? Everybody seems to be able to register such a domain, whereas a Zimbabwean citizen can register under another TLD and get a certificate.

That ban is somewhat pointless :thinking:

1 Like

Any tips on going around it?

Not more than what was already mentioned. Or you use another domain.

1 Like

You been a great help, Let me try to open a ticket with Cloudflare see if i can get assisted as suggested above

My other .com domain didnt have problems. its working very well with a third party SSL

GlobalSign, the non-US CA Cloudflare works with, has issued certificates for .co.zw domains for Cloudflare as recently as April.

DigiCert, the third CA, also seems to be willing to work with Zimbabwe.

Edit: Then again, that site is no longer using a Cloudflare certificate, so policies may have changed.

1 Like

Well, it is a .com

1 Like

This topic was automatically closed after 14 days. New replies are no longer allowed.