Now I’m trying to change the A-record for the root domain, to point to One’s servers. But when I do so, then it gives me the error:
This site can’t provide a secure connection
mydomain.tld uses an unsupported protocol.
The client and server don’t support a common SSL protocol version or cipher suite.
I’ve been in contact with One’s support 3 times, and gotten 3 different responses:
- The first supporter told me to add a CNAME-record, with the name:
_acme-challengeand the value:
- The next supporter told me to remove any txt-record called
_acme-challengeand then wait 24 hours.
- The last supporter told me to delete any
_acme-challenge-records and disable SSL/TLS in Cloudflare.
After every interaction, they tell me to wait 24 hours for the DNS to propagate - but I’m feeling they’re just telling me that to get rid of me.
I did all these three things, but I’m still left with the error and a site that has been down for a long time.
My question here is two-fold:
A) How do I get this to work?
B) How can I debug this error? Can I check that there is a valid certificate for the domain at One?
I’ll add the answers to the questions from the nice and lovely reply from @cloonan .
Current state of SSL
I was advised to disable SSL in Cloudflare. I assumed that was because it could be conflicting with the certificate One.com tried to setup. But SSL is Off (under SSL/TLS).
If you mean, to disable the proxy and use ‘DNS only’, then I tried that. And having left it for 8 hours without a result, then I rolled back to the old hosting provider (so the site didn’t lose to much traffic). But it is grey-clouded.
This is what it responds with: