I put my site behind Cloudflare last week and it has been working well. But today I woke up to an error message that my site is not accessible.
I am getting generic nginx 403 page when I am trying to access my site (same as https://community.cloudflare.com/t/why-403-forbidden-all-of-a-sudden-when-i-go-to-my-site/3453), along with 'not secure' warning in Chrome address bar.
When I disable CDN as shown in the picture, the error disappears.
I am using an SSL cert issued by Letsencrypt in my server and a Full SSL in Cloudflare. I can confirm that Letsencrypt cert has not been expired.
Any ideas how to debug this issue? I am confused as to why it was working and suddenly stopped working when nothing changed.
Additional information
When I enable the CDN, I get the following error(ERR_CERT_COMMON_NAME_INVALID) in Chrome's security tab:
The error I get when I curl the https version of the site is:
curl: (51) SSL: no alternative certificate subject name matches target host name 'my-domain.com'
Related
I have a digitalocean droplet where I have hosted a Laravel application App Url . I have added a SSL using Tutorial Link. But when I run the application in https it returns 404 page not found error. can anyone check the issue. Config file ( assamgas.tk.conf ) is below.
I'm seeing two things wrong here.
1) The web server is not redirecting to port 443 (SSL/HTTPS)
2) The certificate is not present.
I could not find any certs through HTTPS on your server.
I suggest, run through the tutorial again, or try this DigitalOcean tutorial
Don't generate too many production certificates while you test, rather use the Let's Encrypt staging server for your testing, when you get the self-signed certificate, then you switch over to the production server for Let's Encrypt, otherwise you will get Rate Limited for a week.
I've tried to enable SSL on my Cloudflare account for my asset subdomains, but I see the following error in Chrome:
This site can’t provide a secure connection
a1.staging.domain.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
And this in Firefox:
Secure Connection Failed
An error occurred during a connection to a1.staging.domain.com. Peer reports it experienced an internal error. Error code:
SSL_ERROR_INTERNAL_ERROR_ALERT
I followed this up with Cloudflare support. Turns out that this is due to the limitation that the Cloudflare issued SSL cert is only valid for a single subdomain. So *.domain.com will work, but *.staging.domain.com won't.
More info here:
https://support.cloudflare.com/hc/en-us/articles/200170566-Why-isn-t-SSL-working-for-my-site-
I have a heroku app hosted at www.example.com.
I have a certificate issued for that address (www.example.com). I've installed the certificate successfully according to the heroku docs.
However, I how have a problem:
when I visit www.example.com, I get an invalid CN error (says that it is issued for *.herokuapp.com)
when I visit example.herokuapp.com, I also get an invalid CN error (this time the cert CN is for www.example.com)
So the certificates are pretty much flipped. This is still pretty fresh (<1 hour) - could waiting solve the problem?
Also: This part of the heroku docs shows an endpoint in the form example.herokussl.com
$ heroku certs:info
Fetching SSL Endpoint example-2121.herokussl.com info for example... done
And I'm getting the standard example.herokuapp.com endpoint, so I did not have to change the DNS settings after installing the certificate. Could that be some clue?
If you have already configured your domain DNS for non-SSL, standard http:// access, keep in mind that you need to update it again for SSL. From your Heroku account, go to your app settings, Domain section. You will see something like:
In this example, the example.com's DNS should be updated to point to example-ssl.herokussl.com (and not example-standard.herokuapp.com).
Turns out this was a DNS caching issue on my machine. Since this was Linux, changing browsers did not work (also for some reason restarting the dns deamon).
Anyway, it's fine now.
When I used set doc=db.GetDocumentByURL(url,1,1,,,,,False) to get a page/file under http, it returned the web page/file successfully as a Notes document.
But when I used set doc=db.GetDocumentByURL(url,1,1,username,password,,,False) to get an ssl page/file under https, where url is like "https://docs.google.com/document/d/xxxxoooo/edit", it failed and the remote console showed the error messages:
SSL Error: Keyring File access error
Connection interrupted: SSL Error: Bad or missing remote certificate
Can't db.GetDocumentByURL() access an ssl page/file? What should I do?
Assuming you are using Windows - make sure that IE can open the page. I've seen this problem in case the server's SSL certificate was self-signed and installing it in IE solved the problem.
I got an issue from my client regarding the SSL setup for his website. I'm not familiar with the SSL certification setup process. He is saying that We have an SSL certificate for this server but I can’t tell if it’s setup properly or not.
If I open that website, firefox says Warning: Contains unauthorized content. I am seeing some details in the warning message window which are given below:
Web site: mydomain.com
Owner: This web site does not supply ownership information
Verified by: Not specified
Mainly I want to know whether the SSL certificate used for this site is valid or not. Can anybody suggest a way to check for the SSL certificate validation of a website.
Thanks
Telnet the server on port 443. If it is responding then it is a certificate problem
To install certificate
Check this