Starting over (again)

Okay I’ve been battling something for about 3 years now. For instance I have never been successful with an https strict connection. I just started over by using a completely different machine and deleted my account with cloudflare and then re-enable it. Cloudflare is my domain name server but when I try to add the site again I am seeing this:

NOTICE THE ca3-a174b6a6f9c1465ebcfdf305fb287683 TXT FILE? whois that alpha-numeric and you’ll find it’s not me nor cf

When I try to figure out why the TXT file looks odd I find that a WHOIS SHOWS me this:
Domain Name: ARAFATSKY99.COM
Registry Domain ID: 2320101056_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar URL: http://www.publicdomainregistry.com
Updated Date: 2019-09-11T05:35:38Z
Creation Date: 2018-10-11T04:59:57Z
Registry Expiry Date: 2020-10-11T04:59:57Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.2013775952
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: DNS1.NAMECHEAPHOSTING.COM
Name Server: DNS2.NAMECHEAPHOSTING.COM

I don’t have namecheap or arafatsky, should I continue to add my domain at this point?

Hard to understand your question. The domain you are referring to seems to be springfield-ohio-post.com, yet in your WHOIS you have searched for domain arafatsky99.com. Two different domains, and if you search WHOIS for the first domain, you will obviously get totally different records:

Domain Name: SPRINGFIELD-OHIO-POST.COM
Registry Domain ID: 2133530408_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.cloudflare.com
Registrar URL: http://www.cloudflare.com
Updated Date: 2019-07-27T04:17:09Z
Creation Date: 2017-06-14T00:34:20Z
Registry Expiry Date: 2022-06-14T00:34:20Z
Registrar: CloudFlare, Inc.
Registrar IANA ID: 1910
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: ELMA.NS.CLOUDFLARE.COM
Name Server: TERRY.NS.CLOUDFLARE.COM
DNSSEC: signedDelegation
DNSSEC DS Data: 2371 13 2 9C83E85177400384B52AED1AE3CF1056D3FA971AD6040D6BDE4549A6FDF5292B
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

Last update of whois database: 2019-09-28T01:30:54Z <<<

See that TXT file in the first screenshot? Paste that in google and it comes up as our military in the middle-east or something: TXT=ca3-a174b6a6f9c1465ebcfdf305fb287683

When i add my domain…
cf automatically shows:
the A record,
the Cname record,
and that bogus (?) txt record
(I x’d the txt before proceeding to add my domain)

When I use the IP ADDRESS to check 443 and port 80 I can ping, trace, and do an nslookup however when I try to use my domain name through cloudflare all fails…I don’t get it.

How can I paste text from a screenshot? The screenshot doesn’t even show the content of the DNS TXT entry.

Besides, what is that TXT entry for? It’s not added by Cloudflare. If you believe it to be junk, why not just delete it? TXT records have nothing to do with where your domain name points. That’s related to the A record, which points to 99.91.234.52.

Why your DOMAIN is not working is something else, not related to that TXT record. I tried to access your website by IP (bypassing Cloudflare), and it works. It does NOT work on SSL though, and your cloudflare domain version is set to redirect to SSL. Looks like SSL related issue to me.

1 Like

OH wow!!! LOL sorry about that!

Good point!

ca3-a174b6a6f9c1465ebcfdf305fb287683

Others might be having similar issues on here so I guess I’ll just go to bed and leave it on full-strict even though it isn’t working now (it was up for a whopping 10 minutes)

That TXT record is added by Cloudflare for TLS/SSL certificate issuance.

Are you certain about that?

https://www.google.com/search?source=hp&ei=GaCOXa6gIKW60PEPg6Cd0AE&q=ca3-a174b6a6f9c1465ebcfdf305fb287683&oq=ca3-a174b6a6f9c1465ebcfdf305fb287683&gs_l=psy-ab.12...1942.1942..2769...0.0..0.140.140.0j1…0…2j1…gws-wiz.CJNv0QiTDN0&ved=0ahUKEwjukLbTmPLkAhUlHTQIHQNQBxoQ4dUDCAs

Oh great, that paste isn’t working…anyway when you whois that ca3-a174b6a6f9c1465ebcfdf305fb287683 it comes back to this person:
http://arafatsky99.com
Not sure though…but the website is in some other language and it’s not mine

Yes, I am.

Hey sdayman,
Just to be clear, am I supposed to have two pems and one key in the root?
In my efforts to get fullstrict to work I added this:
origin_ca_ecc_root.pem
and it seemed to have worked for a while

LOL…well, in that case I’ll delete my domain and redo (again) but this time I’ll be sure to leave arafat in the setup. Good grief, who knew ? I thought it was something rogue at my end that cf picked up when setting up the A record and Cname records. Hopefully this explains why I’ve never been able to ssl the site to full strict (now I’m curious why it worked for about 10 minutes though).

The TXT file was added by cloudflare as seen by my very first screenshot.

I deleted the site from cf

I re-added the site to cf BUT THIS TIME, as all the other times in the past, there was not a TXT file found by cloudflare…cf AUTO ADDED just the A and Cname Records (without a txt file). Since I did not take an updated screenshot to show this, imagine the following screenshot (only without the TXT) upon my adding the domain back in cf:

strict/full ssl still, and has never, worked even though the ports are open (443 80) here and the server has default server 443 and 80
I think now I’ll go and trash the nginx conf file to make only 443 as a default server and see what happens

This topic was automatically closed after 31 days. New replies are no longer allowed.