I am unable to get the www version of my site secured with an active certificate. It says that it expired 15 days ago (thought Cloudflare auto-renews them?), but for some reason when I renewed (disabled Universal SSL and renabled), it only secured the non-www version of my site. I do not have any sort of third-party certificate installed or anything else. I have disabled Universal SSL several times now and it still won’t work.
After looking through related issues in this forum, I am unable to find what I am looking for.
Well it appears my home network might be caching the page despite using incognito and clearing cache, but I think it may be working since my last re-enabling of Universal SSL. The issue was that it was giving me a “page not secure” message when typing in “www” in front of the URL, but it was fine when just typing in the domain without it. It kept showing the certificate had expired 15 days ago for the www version of my site.
I appreciate your quick reply. If I notice an issue again I will sure be back here. Thanks sir.
The HTTP versions are irrelevant as they are not using a certificate in the first place.
So the difference it between the naked domain and www, assuming they resolve to the same IP address for you, you should hit the same edge server and if the naked domain works I’d expect www to work as well. I cant reproduce your error but if you say you cleared the cache I really can only refer you to support.
Both SSL Labs and SSL Hopper both have https://www variation of the URL as expired. Also, GTMetrix and Pagespeed can’t crawl it either. They can crawl the “www” but not the “https://www” version. Waiting to see what support says.
whos your hosting provider, you should issue an ssl there and encrypt there so no matter what you can force https even if Cloudflare fails, if you dnt youre open to attacks between you and Cloudflare because tour info is not encypted at all
well, if he had one on the origin he wouldnt need to worry as much because he could force https when your ssl cert fails. maybe i misunderstand how fallbacks work
Not sure what you are trying to say. First, it is not clear whether or not the OP has a certificate on the origin. Second, even if he does, it would not fix the issue at hand.
CF looked into it and it is because FindLaw is also a Cloudflare customer and that is who my client had their website through previously, and the certificate was still showing up on the Cloudflare Edge as expired from them being with FindLaw previously. Apparently this is a “known” issue that they have been working on. They granted me a dedicated certificate and everything is good to go now.
