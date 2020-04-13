Geekzone: technology news, blogs, forums
SSL via CF and Openhost

#269900 13-Apr-2020 16:58
All the time I've run a website and helped others, I've never had to bother with SSL. 

 

And now I'm wanting to implement it on my personal site....but hitting snag.

 

Site hosted with Openhost, DNS with Cloudflare and SSL Cert via Cloudflare.

 

So I've generated a cert with CF, copied the supplied cert info.

 

Gone to Openhost, and added cert (via text paste) to the SSL section, which it accepted.

 

Set my site (Wordpress) to use https://www.xpd.co.nz/

 

But getting invalid cert error when visiting my site.

 

What have I done wrong ? :)

 

CF gave me 3 lots of text (keys).

 

 

 

Any ideas ? :)

 

Ta

 

 




XPD / Gavin / DemiseNZ

 

  #2460673 13-Apr-2020 17:02
Google gave me https://community.cloudflare.com/t/ssl-issue-unknown-issuer-from-firefox/62260




No signature to see here, move along...

  #2460674 13-Apr-2020 17:03
One person supports this post
I thought that the certs from cloudflare were not for end users?




Richard rich.ms

 
 
 
 


  #2460675 13-Apr-2020 17:05
3 people support this post
Judging by the IP returned for www.xpd.co.nz you're not proxying through Cloudflare. The origin cert is not trusted by browsers, only by Cloudflare. Once you're proxying through Cloudflare with SSL enabled, they'll generate a valid cert for you and present that to visitors, while using the one you got from them (Cert + key) to encrypt traffic between Cloudflare and OpenHost




Prodigi - Optimised IT Solutions
WebOps/DevOps, Managed IT, Hosting and Internet/WAN.

Webhead
  #2460678 13-Apr-2020 17:07
I am guessing that those certs are for encrypting the communication between Cloudflare and your site, when you are using Cloudflare's caching and WAF.

 

Any reason you are not using it? Especially for blocking brute force logins etc, it's very useful.

  #2460689 13-Apr-2020 17:33
danielfaulknor:

 

Judging by the IP returned for www.xpd.co.nz you're not proxying through Cloudflare. The origin cert is not trusted by browsers, only by Cloudflare. Once you're proxying through Cloudflare with SSL enabled, they'll generate a valid cert for you and present that to visitors, while using the one you got from them (Cert + key) to encrypt traffic between Cloudflare and OpenHost

 

 

Bingo :)

 

Thank you kind sir, choc fish for you :)

 

 




XPD / Gavin / DemiseNZ

 

