SSL Issue (OpenSSL)

Hello,

Using the SSL certificate provided by Cloudflare, I get the following:

Is it possible to use the Cloudflare SSL only and not an SSL certificate on the origin server, and to be able to fix that error?

*** Disclaimer: I’ve replaced my actual domain with ( domain.com ) ***

openssl s_client -connect domain.com:443
CONNECTED(00000005)
4534021804:error:14004410:SSL routines:CONNECT_CR_SRVR_HELLO:sslv3 alert handshake failure:/AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.2/libressl-2.8/ssl/ssl_pkt.c:1200:SSL alert number 40
4534021804:error:140040E5:SSL routines:CONNECT_CR_SRVR_HELLO:ssl handshake failure:/AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.2/libressl-2.8/ssl/ssl_pkt.c:585:

no peer certificate available

No client certificate CA names sent

SSL handshake has read 7 bytes and written 0 bytes

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1611937146
Timeout : 7200 (sec)
Verify return code: 0 (ok)

You shouldn’t get an SSL error when connecting to a Proxied (:orange:) hostname.

You definitely need SSL on the origin server if your goal is to secure your site’s traffic.

Thanks for the reply,

I have enabled an SSL certificate on the server via Let's Encrypt, re-enabled the proxy cloud and turned on Full (strict), but I still get the error.

But if I turn off the proxy cloud (:orange:) then it comes up correctly.

Check the SSL/TLS page → Edge Certificates. What’s the Status for the Universal SSL cert?

Active

Can you post the domain name?

It’s interesting that the command fails from macOS but passes in Ubuntu. I suspect it’s something about Apple’s openssl not tolerating something, but I don’t know what. Browsers don’t seem to mind the certificate.

Maybe another @MVP knows why, or someone from #JanJam may pick this up in an hour.


What is your minimum TLS version set as in the Cloudflare Dashboard (At SSL/TLS → Edge Certificates)?
If it’s set to 1.3, can you change it to 1.2 and try again?


Good catch. Qualys SSL test says it’s 1.3 only.


Always Use HTTPS = ON

Opportunistic Encryption = ON

TLS 1.3 = ON

Certificate Transparency Monitoring ( Beta ) = OFF

And yes, I’m using a macOS computer and using Terminal.

@arunesh90 1.2 works


TLS 1.3 compatibility is not yet the best on most modern systems, so it’s probably best to keep the minimum version on 1.2 for now.

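The mismatch diagnosed in this thread can be reproduced offline. The following Go program is an added example, not code from the thread or from Cloudflare: a loopback TLS server whose MinVersion stands in for the dashboard's "Minimum TLS Version", and a client capped at TLS 1.2, like the LibreSSL 2.8 build in the output above, which has no TLS 1.3 support. Go's server answers the capped client with a protocol_version alert rather than the alert 40 (handshake_failure) seen from the edge, but the outcome is the same: no certificate is ever received, and lowering the minimum to 1.2 makes the handshake succeed. The certificate is a self-signed one constructed in memory for the test server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"net"
)

// selfSignedCert builds a throwaway in-memory certificate (constructed for
// this example) so the loopback server can stand in for the Cloudflare edge.
func selfSignedCert() tls.Certificate {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// Handshake runs one loopback handshake: serverMin mirrors the dashboard's
// "Minimum TLS Version", clientMax caps the client like a library without 1.3.
func Handshake(serverMin, clientMax uint16) error {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return err
	}
	defer ln.Close()
	srv := &tls.Config{Certificates: []tls.Certificate{selfSignedCert()}, MinVersion: serverMin}
	go func() { // server side: the version alert is sent from inside Handshake
		if conn, err := ln.Accept(); err == nil {
			s := tls.Server(conn, srv)
			s.Handshake()
			s.Close()
		}
	}()
	// Verification is skipped only because the certificate above is self-signed.
	cli := &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS12, MaxVersion: clientMax}
	c, err := tls.Dial("tcp", ln.Addr().String(), cli)
	if err != nil {
		return err
	}
	return c.Close()
}
```

Handshake(tls.VersionTLS13, tls.VersionTLS12) returns the client-side error ("remote error: tls: protocol version not supported"), while Handshake(tls.VersionTLS12, tls.VersionTLS12) returns nil.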

@arunesh90 Okay, thank you.
