SSL wont let me go above flexible

I have recently just purchased an advanced certificate from Cloudflare, and my issue is that whenever I move SSL/Certificate status to full or end-to-end, I just get errors on my site, but when I make it flexible, it works. I need full encryption and would like a solution to this issue, any assistance would be greatly appreciated

What’s the domain?

And yes, you are right, you should not use that legacy mode as that will drop all encryption from your site, as you correctly pointed out.

literacyideas com

Which error do get?

I don’t really understand sorry Sandro, is flexible insecure? Do I need full? I use a2hosting but have deleted all certificates from there as well

I am now getting a 404

Yes, Flexible is insecure and has no encryption. Only Full Strict is secure.

Can you pause Cloudflare?

1 Like

I have just paused it

Unfortunately, your server is not properly configured and has no certificate. You need to contact your host to get this fixed. Keep Cloudflare paused until the site loads fine on HTTPS. Once it does load fine, you can unpause Cloudflare.

so do I just install the default SSL certificate on A2 or do I use the one from cloudflare or elsewhere. I really appreciate your help

If you mean by default certificate, a certificate provided by your host and valid for your domain, then yes. In short, the site needs to load fine on HTTPS without Cloudflare. Once it does, Cloudflare will work too.

the issue that arises then is that every three months I manually need to turn off proxied A records A2 tell me. Is there a permanent solution that gives me top speed but automatically rolls over as well

You may want to take a look at Origin certificates then

okay so if I install that one do I have to remove any others?

Right, if you use that certificate, you do not need the default one.

1 Like

This is super confusing - maybe squarespace wasnt so bad after all

As I mentioned, your site needs to load on HTTPS without Cloudflare. You should contact your host and you can use mentioned certificate, if the host’s certificate does not work.

okay thanks for all your help - how long do autossl certificates usually take to generate?

Typically they are issued within a couple of seconds or minutes. Though the Origin certificate may be the more covenient way.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.