SSL not working for subdomain


#1

Hi,

I am trying to setup ssl for my site that is hosted by github pages.
I use route 53 for my domain registration and hosted zones.

I followed the setup at https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/ but no look!

i changed the name servers on route 53 which is fine. You can view my blog at http://blog.shanelee.name

however doest get redirected to https.
I do not have any other records set. Even for root domain.

Under cryto tab I selected ssl Full.
Always use HTTPS is on.

I then created a page rule:
URL: http://.shanelee.name/
Setting SSL Full

Am I missing something?

Thanks,
Shane.


#2

I think you have DNS propagation issue. Executing a dig still show a CNAME to GitHub instead of Cloudflare’s IP. Please ensure that the blog subdomain is orange-cloud. And probably wait for the old TTL to expire.


#3

thanks for response.

It states in overview (DNS modification pending).

When I run dig ns blog.shanelee.name I see:
;; QUESTION SECTION:
;blog.shanelee.name. IN NS

;; AUTHORITY SECTION:
shanelee.name. 3600 IN SOA austin.ns.cloudflare.com. dns.cloudflare.com. 2025194874 10000 2400 604800 3600

I made these changes on route 53 at the weekend to add in the name servers.

Does it take a while to change or have I done something wrong?

Thanks,
Shane.


#4

Hi this domain is not currently being proxied by Cloudflare. You said you made a change in Route 53, but the DNS servers for this domain are Cloudflare, so you should make the change int he DNS tab in the Cloudflare admin console and yu should make sure the record is orange clouded.

Right now when you visit the page using https it is showing the github SSL cert because it is going direct and not being proxied.

hope that helps.


#5

thanks for response.

Just to confirm my NS from cloudflare are:
kia.ns.cloudflare.com
austin.ns.cloudflare.com

Now in aws console for route 53 i changed my NS record set for shanelee.name to be:
kia.ns.cloudflare.com
austin.ns.cloudflare.com

Then for the registered domain I changed the NS too to
kia.ns.cloudflare.com
austin.ns.cloudflare.com

Just received an email from aws stating
"We recently received an online request from your AWS account to do the following:

Update the name servers associated with the domain shanelee.name
We’re sorry to report that the operation failed after we forwarded your request to our registrar partner. This is because:

2002 : Command use error (A login command MUST be sent to a server before any other EPP command)"

Any clue?


#6


#7

All good.

I tried to change the name servers at the domain level in route 53. This time it passed!

It took a few minutes but my certificate appeared enabled in cloudflare and my domain.
Now can redirect to https automatically. No need for page rule.