SSL on a Dreamhost hosted site w/ Cloudflare as DNS not working

I have Dreamhost request an Let’s Encrypt SSL cert for my site and I’m using Cloudflare as a DNS. If I access the site directly it is encrypted fine with https. When I turn on Cloudflare for that domain I get this error:

This site can’t provide a secure connection uses an unsupported protocol.
Unsupported protocol
The client and server don’t support a common SSL protocol version or cipher suite.

Also I don’t understand why Dreamhost recommends Flexible SSL. If the cert is for the website domain, when Cloudflare is accessing the site shouldn’t it be secure?

Cloudflare’s Universal SSL cert is for and * The certificate would cover under the wildcard but it doesn’t (can’t) cover ..example domains such as

To work around this you could either use a different second level domain name to cover that domain (e.g. or you can purchase a dedicated certificate for and * which would cover child domains of the domain.

Thanks for the information, I didn’t know that’s how the certs worked. However, I have a Let’s Encrypt SSL cert specifically for on Dreamhost. Does this mean that SSL Cert’s are dealt with on the DNS level since they can’t be used?

When a site is orange clouded (proxying through Cloudflare) then Cloudflare’s edge becomes the SSL endpoint for client communications. We then evaluate the request to determine what if any requests need to be made to the origin and we initiate a new SSL session to the backend where the client certificate you have installed at Dreamhost is used.

So you have a valid SSL certificate on the backend, but the clients connect to us where there isn’t a valid cert.

You could also choose to bypass Cloudflare (gray cloud the record) in which case we’d no longer be the client SSL endpoint but instead they would connect directly to the Dreamhost server and use it’s SSL certificate.

1 Like