After setting up ssl still using not encrypted connection


#1

i set up certificates and edited server block for nginx but i am still connectng without ssl


#2

Please provide some information that would make it at all possible to diagnose your issue, like your nginx configuration and the domains in question.


#3

http://paste.ubuntu.com/13862010/

heres the conf file


#4

https://jadecommerce.fr/ looks fine here, maybe you want to configure a redirect from http://jadecommerce.fr/ to https://jadecommerce.fr/?


#5

Looks like you’re using CloudFlare to me…
Try disabling SSL in CloudFlare or deactivating CloudFlare for your site.


#6

But it’s using a COMODO certificate, not Let’s Encrypt :wink:


#7

It’s using a COMODO cert from CloudFlare.
Issued to sni26161.cloudflaressl.com


#8

Ah, I didn’t look for that, your post title mislead me to thinking you never setup any kind of HTTPS there.

And yeah, it looks like you enabled Cloudflare for your domain.


#9

disabled the cloudflare ssl but still cannot use letsencrypt


#10

It doesn’t look fully disabled here.


#11

it can be cace maybe


#12

I run my own recursor, so I made sure to purge it’s cache of course.


#13

https://jadecommerce.fr/ still uses CloudFlare for me. Not sure if it’s something that needs time to propagate.

Making your site work properly on https is outside the scope of Let’s Encrypt. You will have to make sure all links to your site, all resources like images, css or javascript are protocol-relative or https-only. If you want http requests to redirect to https automatically you will have to set that up as well. Let’s Encrypt only provides a trusted certificate and, if you’re using a supported web server, auto-configuration of said certificates and SSL settings. The rest is still up to you.


#14

By disabling SSL in CloudFlare all together, it redirects to the non-HTTPS:

osiris@desktop ~ $ openssl s_client -servername jadecommerce.fr -connect jadecommerce.fr:443
CONNECTED(00000003)
*snip*
---
GET / HTTP/1.1 
Host: jadecommerce.fr

HTTP/1.1 503 Service Temporarily Unavailable
Server: cloudflare-nginx
Date: Wed, 09 Dec 2015 16:57:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: __cfduid=ddb58...9680223; expires=Thu, 08-Dec-16 16:57:03 GMT; path=/; domain=.jadecommerce.fr; HttpOnly
X-Frame-Options: SAMEORIGIN
Refresh: 8;URL=/cdn-cgi/l/chk_jschl?pass=144...wlfY/0
Cache-Control: no-cache
CF-RAY: 252...

112b
<!DOCTYPE HTML>
<html lang="en-US">
<head>
...more HTML with all kinds of JavaScript to redirect the user to the non-HTTPS-site...

So… I’ve got no clue how this CloudFlare-shizzle should work with your own ngix server, but it isn’t working properly right now and I think it has something to do with CloudFlare :wink: (Certificate was a CloudFlare again btw…)