SSL Full - still showing not secure

Any help / tips very welcome!

Steps taken:

  • cloudflare: generate client certificate (include: and
  • cloudflare: generate origin ca
  • cloudflare: add dns cname entry for ‘app’ to point at the required aws server
  • aws: import the cloudflare origin certificate
  • cloudflare: set ssl to FULL (strict)
  • test at 10min, 30min and 60min
  • test with incognito mode, test with brower clear, test with remote pc on diff network not previously visited the page

I’m clearly missing a trick.
In Chrome + Firefox it shows
the issuer: cloudflare inc
validity: 11jan 2024 - 7jan 2039 (15yrs as expected)
Subject alt names:,

You need to proxy the DNS entry, otherwise you connect directly to the server and Origin certificates are not trusted by mainstream browsers.

1 Like

Has anyone told you that you are wonderful recently?
Well thank you very much!
I will give that a go and report back. If you are right then BIG THANK YOU!

@sandro you are wonderful!
it working now Cloudflare DNS entry has proxy turned on for that CNAM / subdomain entry. Not sure how you spotted that it was off but big thanks!

:slight_smile: Always a pleasure

And a belated happy new year

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.