What am I doing wrong with SSL (full strict)?

Hello. I want to set SSL full strict on my domain. I use Ubuntu and Nginx.
I do it like this:

  1. I go to Cloudflare dash and then to SSL/TLS
  2. I set SSL to “off”
  3. I go to “Origin server”
  4. I create certificate (RSA, 15 years, PEM)
  5. On Ubuntu in etc/ssl i create 2 files (domain.com.pem and domain.com.key)
    6 Into .pem i paste origin certificate and into .key i paste private key.
  6. In etc/Nginx/sites-available/default in server i add this lines:
    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/domain.com.pem;
    ssl_certificate_key /etc/ssl/domain.com.key:
  7. Then i restart Nginx
  8. At the end i turn on SSL full strict and always use https
  9. After this website isnt loading.

What am i doing wrong?
Thanks for help.

You don’t need to do that. The Origin certficate is solely issued from the dashboard. If your site is not loading you probably misconfigured your server or copied the certificate incorrectly and you should check for any errors your server might be listing in the logs.

Without further details (first posting in the forum) it is impossible to say anything else.

When i try to visit website after few seconds i got error 522.
I correctly copy my certificate.
My nginx default:

server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443;
ssl on;
ssl_certificate /etc/ssl/domain.com.pem;
ssl_certificate_key /etc/ssl/domain.com.key;

root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;

I am afraid server configuration is beyond the scope of the forum and something you’d need to discuss at e.g. StackExchange.

522s are covered in detail at Community Tip - Fixing Error 522: Connection timed out

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.