Your connection is not private - SSL issue

I have a GoDaddy certificate installed on my server end but it seems like Cloudflare is forcing Let’s Encrypt and it causing some sorta conflict.

Ever since I’ve started using CloudFlare, some users who try to access my website are getting a warning message in their web browser window “your connection is not private”. Once I disable Cloudflare, the issue is resolved. I’ve spent a good hour on the phone with my hosting provider going through my Cloudflare dashboard backend. They are asking me to reach out for support on Cloudflare.

Once Cloudflare is enabled again… the padlock SSL certificate changes from GoDaddy being the issuer to Lets Encrypt R3 being the issuer.

How do I resolve this issue when Cloudflare is enabled…

Any help would be much appreciated

Can you share the hostname?

Once you activate the Cloudflare proxy, users will see a Cloudflare issued certificate. As a best practice, you should still have and maintain a certificate on your Origin, and set SSL Mode to Full (Strict). The fact that it is a Let’s Encrypt, Digicert or any other public CA should make no real difference.

There are several reasons that error message will be seen. Probably the most common for Cloudflare users is when they are trying to use a multi-level subdomain with a Universal Certificate. Universal Certificates cover only one level of subdomain (subdomain.example.com), but do not cover multiple levels of subdomain (www.subdomain.example.com)

1 Like

Thanks for the fast reply. The host name is http://chirotvnetwork.com.

I believe I have tired “Full (Strict)” mode but not sure if I waited long enough for it to propagate the changes.

I currently have no multi-level subdomain

1 Like

Switching between encryption modes is instantaneous.

It’s interesting that only some users are experiencing this. It’d be helpful if some of them could open their browser’s Dev Tools (F12 in Chrome) and track down the source of that message. I’m guessing it’s Mixed Content…unless you don’t have “Always Use HTTPS” in SSL/TLS → Edge Certificates and they aren’t typing in HTTPS for your site.

2 Likes

Hey, thanks for the feedback.

The user I was helping earlier today - I was remotely logged onto their machine. I went into the browser console and I didn’t see any messages about “Mixed Content”. I thought that would have been the issue but it doesn’t look like it was.

Should I turn on “Always Use HTTPS” in CloudFlare because I wasn’t sure if that could conflict with some .htaccess files.

I do believe my hosting company I was on the phone with earlier had me enable that feature at some point but I don’t think it fixed anything…

1 Like

Can anyone help me get this resolved? This is very frustrating. I made a ticket request (ticket number 2291377) but I got a bot answering it and it was marked solved. How do I speak someone about this issue?

Here is a little more detail about my issue…

I have users who log into my website daily. In the past few days ever since using CloudFlare we’ve had 3-5 users calling us explaining that the website now says “Your connection isn’t private”. I have spent hours on trying to resolve this issue on their end.

If I pause CloudFlare then issue on their end is resolved. We signed up for CloudFlare because we were getting DDOS attacked. CloudFlare has been working amazing for that. We is something going on with our SSL and the SSL settings on your end that is causing this message to appear for some of our users. I have spoken to our hosting company (liquid web) and they seem stuck on what is happening.

We would like to continue using CloudFlare but this issue has to be resolved. I saw the options to install our own SSL onto CloudFlare but if you ask me paying $200 more a month is unaffordable and I’m not even sure that would fixed the issue.

We have an SSL install on cPanel and the issuer for that SSL is valid with GoDaddy.

http://chirotvnetwork.com

Thanks, realise I asked that before.

Standard tools show that the website and certificate are fine.

The only thing that might be causing you an issue is users on very old devices/browsers. If that is the case you can try two things:

  1. Update the clients/browsers (they will have other problems, but not a practical solution for most users.)
  2. Switch to a DigiCert certificate as described here:
2 Likes

A shot in the dark. I had a similar thing that I could not understand www.example.com (SSL) worked but not example.com (no SSL),

I found the solution in the DNS settings. www was proxied (orange) but example.com was gray. I switched on proxy and SSL worked as expected.

Thanks for the reply. It’s not an older browser issue. I’m currently working on someones machine remotely and its Windows 10 running Edge and the latest Google Chrome…

So in dev tools you will probably see a console warning that explains what the issue is.

I browsed a bit of the site, and could not replicate, so it might only be visible behind your logon screen, which I cannot get past.

What happens if you proxy all? Does not hurt to test, but your setting seems to be correct. Have you “flexible” settings or “full”?

Right now I have it set to “full” - if I switch it to “flexible” the site just completely goes down. I will try all to “proxy” Hang on for a minute :slight_smile:

Click on Advanced for that “isn’t private” screen. It should should show you the cert that’s being presented.

It’s also ‘www’, but you said the URL doesn’t include ‘www’. It’s possible Cloudflare didn’t generate a Universal cert for *, which would cover ‘www’. You’d have to take a look at Edge Certificates at dash.cloudflare.com

Is the web server certificate validated and correct?

On that screen, click on Advanced. What does it say?

Also, Click “Not Secure”, then “Your connection to this site”, and then the little Certificate Icon. Grab a screenshot and share.

1 Like

Hey, thanks for the reply.


Here is the cert that’s being presented

Thanks. Here you go !



100% validated / correct

Ah, “Fortinet Untrusted CA”. So this certificate is still not a valid certificate.

1 Like