What is wrong!

I have changed nameservers to Cloudflare
But my website can’t load correctly
And i see this message ( your site uses an unsupported protocol )!!

Funny enough, I just had this exact same problem. Purging your browsers cache or opening your website in incognito mode solves this problem!

I tried incognito mode but i get this message too
ERR_CONNECTION_RESET !

And this message too
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

May I ask you to post and share your domain name in bracketed dot [.] notation here and URL example to the particular resource with us so we could double-check, troubleshoot and provide some feedback information? :thinking:

If you recently changed your domain nameservers, regular DNS propagation time usually takes up to 24-48 hours to complete.

May I ask have you tried using a different Web browser, or tried clearing your Web browser cache?
How about using a Private window (Incognito mode) or a VPN connection if possible?
Is it the same behaviour on your mobile phone (4G LTE, mobile data, cellular)?

May I ask, if you know was the DNSSEC active and enabled for your domain name at your Domain Registrar, before switching domain nameservers to the given Cloudflare nameservers of your Cloudflare account?

May I ask what steps for troubleshooting have you already tried from the article/link in your post due to this error being presented to you? :thinking:

This post was flagged by the community and is temporarily hidden.

Hello Dear
Before I changed names server to Cloudflare 24 hours ago
My website was working correctly with Https
But now It can’t work correctly
Iam using this option full strict

I tried using many browser but the same error

i disabled Cloudflare and my website is working now

this mean Cloudflare can’t give me ssl !!

For animalworld.world you have a broken DNSSEC configuration:

➜  ~ dig @1.1.1.1 animalworld.world

; <<>> DiG 9.18.8 <<>> @1.1.1.1 animalworld.world
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 45125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 9 (DNSKEY Missing): (no SEP matching the DS found for animalworld.world.)
;; QUESTION SECTION:
;animalworld.world.        IN    A

;; Query time: 90 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Tue Nov 15 13:52:09 WET 2022
;; MSG SIZE  rcvd: 103

This means your domain doesn’t resolve correctly for anyone using a resolver that respects DNSSEC - and likely is causing the SSL certificate not to be issued - CAs will use DNS to validate you have control of the domain before issuing the certificate - if they cannot resolve the domain because DNSSEC is broken, the certificate issuance will be impacted.

To fix this you can either disable the old DNSSEC config you have at your current domain registrar or move forward and enable DNSSEC with Cloudflare and update your configuration at the registrar. Instructions for either choice are here:

Once you do this, the CA should be able to complete validation an issue the certificate.

I have enabled this option DNSSEC and added those value but i can see the same error now!

I Paused Cloudflare once again ! I think this option didn’t succeed

I can see you have fixed your DNS configuration by enabling DNSSEC at Cloudflare and correcting your DS record at the registrar:

https://dnsviz.net/d/animalworld.world/analyze/

This has allowed the Certificate Authority to resolve your domain and issue a certificate.

Now, testing via Cloudflare I can see that your certificate for the domain is correct - so you should be able to unpause and see this working.

1 Like

Thank you , you fixed my website errors
Best regards

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.