SSL Certificate Active But Domain Isn't Secured

bloqdrop · July 29, 2019, 3:58pm

Hey there - I’ve connected my domain “bloqdrop.com” to Cloudflare and added SSL.

The SSL is displayed as active on the Cloudflare dashboard, however the URL still displays as unsecured when I visit the website. Am I missing a step?

Thanks!

Judge · July 29, 2019, 4:17pm

First it looks like the HTTPS version of your site (when manually going to https://) doesn’t work:

Make sure your origin server also has SSL enabled so that the connection is also secure from CF ↔ your server. Otherwise, If your host charges for SSL, go to the SSL/TLS app and change “SSL” to flexible.

Once you confirm that manually going to the https version - https://bloqdrop.com/ - works, then you can go to the SSL/TLS app of the dashboard and enable “Always use HTTPS” - this will redirect http to https so all visitors will see the secured page.

bloqdrop · July 29, 2019, 5:14pm

Thank you for your help, I went ahead and purchased a SSL package from Namesilo so hopefully that’ll do the trick.

Judge · July 29, 2019, 5:16pm

Since you did that, make sure SSL is “Full (strict)” in the SSL/TLS app. Currently the HTTPS version of the site has mixed content issues, full strict should generally fix that.

bloqdrop · July 29, 2019, 5:20pm

Great - just did that as well, I’m thinking it’ll take a few minutes to reconfigure on the back end.

bloqdrop · July 29, 2019, 6:07pm

Looks like I’m still getting a timeout error, hmm…any suggestions? Perhaps I’ll contact namesilo

Judge · July 29, 2019, 7:06pm

Is there indication that the SSL is set up or activated at namesilo? the error probably means the port 443 (HTTPS port) isn’t open on the server.

bloqdrop · July 29, 2019, 7:24pm

I think I’ll have to talk to the developer I’m working with whose using AWS to host this actually, Namesilo is the domain provider and I believe AWS is the host in this instance, I’m thinking that must be it. Thanks alot!

Judge · July 29, 2019, 8:33pm

Ah, in that case you dln’t need the SSL from Namesilo.

Ask your AWS developer to either get something like an AWS certificate [if the service you’re using supports that. Lightsail and EC2 do not], letsEncrypt certificate. or Cloudflare Origin Certificate.

Also see

Restoring Visitor IPs - needed to get the real IP of a visitor

firewalling server to only accept connections from CF - prevent DDOS attacks from bypassing Cloudflare

system · August 28, 2019, 3:58pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
SSL Not Activating Getting Started dns , dash-ssl-tls , dash-getting-started , dash-errors , dash-troubleshooting	34	7932	June 18, 2021
SSL not working! Security ssl , dns , WordPress , dash-ssl-tls , dash-getting-started , dash-errors , dash-troubleshooting	13	2354	August 24, 2018
Looks like my SSL should be active but it's not, heres my issue and what I have tried Security dash-ssl-tls , dash-errors , dash-troubleshooting	7	3458	March 7, 2019
SSL Configuration Security	20	7810	August 10, 2020
Site still "not secure" Security	9	2486	May 31, 2020

SSL Certificate Active But Domain Isn't Secured

Related topics