SSL is not working for my domain


#1

Kindly review, we have added the domain to CLOUDFLARE nearly 24 hours ago, but still SSL is not propagate. The site is down right now. We already opened a ticket for the issue.

*What is the Domain Name?

  • How long has it been “authorizing” for?
    24 Hours.

  • Have you contacted Cloudflare support?
    Yes.

  • If you have, how long ago and what is the ticket number?
    Ticket ID: 1610422

  • What is the plan level for the domain in question?
    Free Plan.

  • What error, if any, is displaying on your site at the moment?
    ERR_SSL_VERSION_OR_CIPHER_MISMATCH

  • Are you signed up directly through Cloudflare or through a hosting provider/partner?
    Hosting Provider: CENTRIOHOST


#2

That site isn’t going through Cloudflare. Is your site showing as Active at Cloudflare?


#3

It shows me like this. I have added it through CNAME record. You can trace the account from Ticket ID: 1610422


#4


#5

The naked domain you posted isn’t going through Cloudflare, but the www subdomain is.

You’ll need to update your DNS record so it goes through Cloudflare and redirects to the www subdomain. Contact Centriohost for assistance with this, as they are the hosting partner you’re using.


#6

Hello,

The server directly managed by me. Domain Protected with " CNAME Flattening" of Cloudflare. So its normal only www will be protected. But the primary domain pointed to the server by “A” record.

This is how it works. Kindly review it.


#7

" 1. Cloudflare’s security and acceleration benefits are only available on delegated subdomains, such as www.example.com. The root domain, such as example.com, cannot be protected or accelerated via Cloudflare. This is due to DNS RFCs."

Im here to ask help with SSL issuance. Kindly help. Its protected with CNAME Flattening option of Cloudflare.


#10

Your www record appears to be working:

curl -I https://www.ourbangla.com
HTTP/2 200
date: Wed, 12 Dec 2018 21:10:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de43829a2864bbad5953f16c1e08a48c51544649003; expires=Thu, 12-Dec-19 21:10:03 GMT; path=/; domain=.ourbangla.com; HttpOnly; Secure
link: <https://www.ourbangla.com/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
referrer-policy:
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48832cf1ceedc1ef-IAD

[~] curl -Iv https://www.ourbangla.com
*   Trying 2606:4700:30::681c:12ac...
* TCP_NODELAY set
* Connected to www.ourbangla.com (2606:4700:30::681c:12ac) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/etc/openssl/cert.pem
  CApath: /usr/local/etc/openssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=CA; L=San Francisco; O=CloudFlare, Inc.; CN=sni.cloudflaressl.com
*  start date: Dec 12 00:00:00 2018 GMT
*  expire date: Dec 12 12:00:00 2019 GMT
*  subjectAltName: host "www.ourbangla.com" matched cert's "www.ourbangla.com"
*  issuer: C=US; ST=CA; L=San Francisco; O=CloudFlare, Inc.; CN=CloudFlare Inc ECC CA-2
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f98e8008400)
> HEAD / HTTP/2
> Host: www.ourbangla.com
> User-Agent: curl/7.62.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
HTTP/2 200
< date: Wed, 12 Dec 2018 21:10:15 GMT
date: Wed, 12 Dec 2018 21:10:15 GMT
< content-type: text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
< set-cookie: __cfduid=d4b2afecf6e738d207bc5dd1f2ef5a2901544649014; expires=Thu, 12-Dec-19 21:10:14 GMT; path=/; domain=.ourbangla.com; HttpOnly; Secure
set-cookie: __cfduid=d4b2afecf6e738d207bc5dd1f2ef5a2901544649014; expires=Thu, 12-Dec-19 21:10:14 GMT; path=/; domain=.ourbangla.com; HttpOnly; Secure
< link: <https://www.ourbangla.com/wp-json/>; rel="https://api.w.org/"
link: <https://www.ourbangla.com/wp-json/>; rel="https://api.w.org/"
< vary: User-Agent
vary: User-Agent
< referrer-policy:
referrer-policy:
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< server: cloudflare
server: cloudflare

#11

Certificate is issued and the page loads on https.


#12

This topic was automatically closed after 30 days. New replies are no longer allowed.