I've tried to enable SSL on my Cloudflare account for my asset subdomains, but I see the following error in Chrome:
This site can’t provide a secure connection
a1.staging.domain.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
And this in Firefox:
Secure Connection Failed
An error occurred during a connection to a1.staging.domain.com. Peer reports it experienced an internal error. Error code:
SSL_ERROR_INTERNAL_ERROR_ALERT
I followed this up with Cloudflare support. Turns out that this is due to the limitation that the Cloudflare issued SSL cert is only valid for a single subdomain. So *.domain.com will work, but *.staging.domain.com won't.
More info here:
https://support.cloudflare.com/hc/en-us/articles/200170566-Why-isn-t-SSL-working-for-my-site-
Related
https://codesandbox.io/ seems to have an invalid SSL Cert or so my browser suggests. As such, my companies proxy services are blocking this site. Anyone have any info on why this is happening or who we could reach out to to get this resolved?
We have a server that holds a variety of our clients sites. For one client there is a ssl set up at a server level.
We want to add ssl certs to all out clients now.
We usually use cloudflare. However I am now getting the following error:
Warning: file_get_contents(): Peer certificate CN=`*.[SERVER LEVEL SSL CLIENT]' did not match expected CN=`[CLOUDFLARE SSL CLIENT]'
when accessing the non server level ssl client over https.
Ive added the cloudflare origin certificate to the [CLOUDFLARE SSL CLIENT] ssl area in cpanel but that doesnt seem to be helping.
Are there any additional steps I need to take?
I put my site behind Cloudflare last week and it has been working well. But today I woke up to an error message that my site is not accessible.
I am getting generic nginx 403 page when I am trying to access my site (same as https://community.cloudflare.com/t/why-403-forbidden-all-of-a-sudden-when-i-go-to-my-site/3453), along with 'not secure' warning in Chrome address bar.
When I disable CDN as shown in the picture, the error disappears.
I am using an SSL cert issued by Letsencrypt in my server and a Full SSL in Cloudflare. I can confirm that Letsencrypt cert has not been expired.
Any ideas how to debug this issue? I am confused as to why it was working and suddenly stopped working when nothing changed.
Additional information
When I enable the CDN, I get the following error(ERR_CERT_COMMON_NAME_INVALID) in Chrome's security tab:
The error I get when I curl the https version of the site is:
curl: (51) SSL: no alternative certificate subject name matches target host name 'my-domain.com'
When I used set doc=db.GetDocumentByURL(url,1,1,,,,,False) to get a page/file under http, it returned the web page/file successfully as a Notes document.
But when I used set doc=db.GetDocumentByURL(url,1,1,username,password,,,False) to get an ssl page/file under https, where url is like "https://docs.google.com/document/d/xxxxoooo/edit", it failed and the remote console showed the error messages:
SSL Error: Keyring File access error
Connection interrupted: SSL Error: Bad or missing remote certificate
Can't db.GetDocumentByURL() access an ssl page/file? What should I do?
Assuming you are using Windows - make sure that IE can open the page. I've seen this problem in case the server's SSL certificate was self-signed and installing it in IE solved the problem.
I got an issue from my client regarding the SSL setup for his website. I'm not familiar with the SSL certification setup process. He is saying that We have an SSL certificate for this server but I can’t tell if it’s setup properly or not.
If I open that website, firefox says Warning: Contains unauthorized content. I am seeing some details in the warning message window which are given below:
Web site: mydomain.com
Owner: This web site does not supply ownership information
Verified by: Not specified
Mainly I want to know whether the SSL certificate used for this site is valid or not. Can anybody suggest a way to check for the SSL certificate validation of a website.
Thanks
Telnet the server on port 443. If it is responding then it is a certificate problem
To install certificate
Check this