Trying to implement Full mode Encryption

Hello! I enabled CloudFlare and I´m trying to implement Full mode Encryption for andrearegalos.com.ar. Can you help me understand why when I use https the browser respond with ERR_SSL_PROTOCOL_ERROR and still working with http?
What’s missing in the configuration? It’s enough to select Full mode and set Always use HTTPS?
Many thanks in advance for your patience.

Error 525

To fix that error you need to set the SSL option to Flexible on the SSL/TLS section of the Cloudflare


if you just want FULL then you have to do this:
You can install a valid SSL certificate signed by a real certificate authority. These certificates still work (both with and without having Cloudflare on your site). You can get an SSL certificate like that using the SSL Certificates tool in the client area.

https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options

4 Likes

Many thanks for answer @Oxy.
I tried with the Flexible option but still having the ERR_SSL_PROTOCOL_ERROR when calling with https but the page is still responding with http. I tried with Flexible, Full and Full Strict with the same results. Now is set in Full Strict.

My intention is to have (https) a secure channel and Full Strict is the ideal. By reading several posts I found that putting CloudFlare in the middle, helps me to have free ssl certificate that CloudFlare renew automatically. They mention:

Full Strict requires a trusted CA or Cloudflare Origin CA certificate on the server
That I created.

But when I tried to upload here in the SSL section I get:


And I’m lost again …
What I’m doing wrong?

I asked for this error in their comunity and someone told me:
“The error message here will be because the certificate won’t contain the domains in the CN but only in the SANs, but there is perfectly okay and something your host needs to fix too.”

For the moment and as I can’t use this certificate, until this issue is fixed, I decided go back to the Flexible option and don’t ask me why but https begins to work. Maybe it was only question of time.

Hi there,

If you are using a certificate from Cloudflare then it won’t work with your domain because you see the common name of Cloudflare’s SSL certificates is not registered to your domain name and the way InfinityFree verifies that it is your SSL certificate is to check the common name, if the common name is not registered to your domain name it won’t work.

You can install a Let’s Encrypt SSL (You can issue one for your TLD by going to the InfinityFree Dashboard and under the SSL certificates option) certificate though and Full (strict) should work because you have now an SSL certificate installed on the origin server.

Hope this helps!

2 Likes

If you see that error, this tells me you’re connecting directly to our server, not to Cloudflare. This can be caused by your DNS settings being incorrect (which they don’t seem to be) or by DNS caching. Because it should be noted that enabling Cloudflare takes up to 72 hours to be visible everywhere.

2 Likes

Cpanel doesn’t support cloudflare origin certificates, or EEC certificates. Just get one at sslforfree.com it will only work if you manually have setup your domain on cloudflare.

Or get one on app.infinityfree.net, which works with all nameservers.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.