Hi guys,
I searched the Forum but found nothing. I have a problem, my website’s SSL is not working. On the dashboard it shows me that the SSL certificate is active, but in fact it isn’t.
I wanted to add photos here, but it shows me that I can add a maximum of 1 - I will try to add them in the comments.
image1 & image2
The only problem I’ve found is that I don’t have any DNS records on Cloudflare (?). I don’t know why or how this happened, or how I can possibly fix it.
image3
All I have in my file manager is index.html and .htaccess. My .htaccess file is probably auto-generated (or I did it but completely forgot about it).
How does it look like:
image4
If you know what’s going on please help me .
I also have another problem: my website works on tor (ofc shows that the connection is not secure - but it works), but it doesn’t work on my computer (other browsers don’t work either). Do you know how to fix it?
I already triedipconfig /flushdns but nothing happened (this is less important, but still what’s going on with my site lol).
I checked your domain, and it seems that this issue is caused by the DNS configuration of your domain.
Specifically, it seems that DNSSEC is enabled at your domain provider. However, our nameservers don’t support DNSSEC, so the security check of DNSSEC is failing.
Seeing how your domain appears to be registered with Squarespace, this is probably what you need to do:
As for the SSL error in image2, it seems that you have uploaded a Cloudflare Origin Certificate. However, Cloudflare Origin Certificates are NOT valid SSL certificates. They can only be used to secure the connection between your hosting account and Cloudflare, and are not accepted by browsers.
To fix that, you can either switch your domain to Cloudflare so Cloudflare can handle the SSL used to secure the connection between your visitors and Cloudflare’s servers, or you can replace the current certificate with a certificate from a trusted SSL provider. You can use our free SSL certificates tool to get such a certificate.
So I can just turn it off without worrying about security?
OK, thanks for the info, I think I saw it in the panel, but (as you can see in image1) it shows there that everything is fine.
I tried it, it didn’t work with the free SSL tool, I used Cloudflare (hoping it would start working).
Now I tried again, but… the result is in the image.
Whether you worry about security is always your decision.
Using DNSSEC is best practice, so if you can use it, it’s probably beneficial to have it. However, it’s by no means a requirement for a secure website. Many websites, even from big companies don’t use it yet.
And regardless, our nameservers don’t support DNSSEC. And if you have to choose between something that follows all the best practices for security and something that works, you’ll probably want to choose the latter.
Our SSL validator only checker that a certificate is installed and that it’s not expired. It doesn’t check whether the certificate is actually accepted by browsers.
The certificate that’s active is the certificate you have uploaded, so “all is good”. It doesn’t tell you whether the certificate you have uploaded actually fits your needs.
Like you can see in the message: the issue is with DNSSEC. So that’s also the result of having DNSSEC enabled on your domain but our nameservers not supporting it.
SSL providers also validate DNSSEC if it’s enabled. But since our nameservers don’t support DNSSEC, our nameservers will be flagged as “rogue” nameservers, and SSL providers will refuse to do the DNS verification.
So again, you need to disable DNSSEC for your domain to work. Not just for your website to be reachable, but also to get an SSL certificate.
.
