Hello all and thank you in advance for your help.
I have just recently signed up with CloudFlare and so far everything is working great.
I am trying to get the SSL working between My Synology NAS device and CloudFlare.
The issue I am having is that whether I try to do the export method of my Self-Signed Certificate or get a CloudFlare “Origin” certificate created I don’t seem to end up with the correct number of files.
I think the best would be the CloudFlare “Origin” certificate. But that only seems to give me 2 files. A “Key” file and a “Cert” file. When I try to create the SSL on Synology NAS there is a wizard that let’s me “Import” it. But it asks for the “Key” file, “Cert” file and an “Intermediate Cert” file.
Thank you for your help. That seems to have worked partially. The Synology NAS has accepted the certificate and it appears that any subdomains on my server are not working and encrypted. However the main domain for some reason now will not load. It has the SSL Lock to show it is secure but it loads with Error 522 connection timed out. Now this is to get into the DSM & Other services.
So any subdomain I have created eg. sub.domain.ca seems to work find and is encrypted.
however any of the services I try to get to which would be domain.ca/service (eg. note, downloads, music etc…) all come up with the 522 error.
I have checked everywhere and the only reference I could find was for “HSTS” which I have verified is not enabled.
The main difference between the sub domains and the main one is that they are all created as “Virtual Hosts” via the web station app.
Sorry just to clarify that last part. The “Sub” domains are created via the Web Station as “Virtual Hosts”. The main domain interface just is? I am not sure how to make any real changes to it (PHP engine etc…)
Additional update. It seems that if I Pause Cloudflare on my site then it works. When I reenabled it I now receive a different / related message stating that there are too many redirects or the same Error 522?
Thanks for your response. Have tried both flexible and full modes.
I just reenabled it for another test and switched it to full. Am now getting the error 522 connection timed out again.
It was working all day while CloudFlare was “Paused”.
With some additional investigation I have discovered that if I turn off the built in Dos Protection in my Asus RT-AX92U Router the errors seem to go away? I found a document that seems to indicate I can add CloudFlare IP addresses to my router’s white list. ( IP Ranges | Cloudflare UK ) However I don’t see anywhere in the Router settings to do that?
Does CloudFlare take care of any DOS attacks? Is it safe for me to leave this turned off?