I need some assistance, I have recently moved domain nameservers to Cloudflare for the free SSL and this has added fine.
When viewing the site externally, the site shows as secure no problem. A web app needed connection to the site too via certificate so I generated an Origin Certificate and this has also connected fine.
However, when viewing internally using domain connected PCs to Windows Server 2016, the domain shows as not secure and seems to route through the Origin certificate as opposed to the universal SSL of which publicly is accessible.
Cloudflare does not really offer anything “freer” here than for example Let’s Encrypt.
The issue with Origin certificates is exactly that they are not trusted by browsers, which is why you get the warning you get. If your requests do not always go via the proxies, you will need a regular, publicly trusted certificate.
Is it not possible to have the Origin certificate in place for the web app connection only?
I would have assumed this was the case and therefore browsing to the domain would route through the universal SSL
Apologies if i am not making much sense
Depends on your architecture. If can deploy the Origin certificate on a server that is always behind Cloudflare, it will work. Otherwise you still need said certificate.
Alternatively, you need to make sure that all requests go via the proxies and you do not route anything on your own network.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.