Getting TLS error when running ./certbot-auto --apache

Hello, I am hosting a WordPress site via a VPS and using Cloudflare for the SSL. I just learned that you need
an SSL certificate on the server to activate the Full setting to get the green HTTPS icon.

I ran the code ./certbot-auto --apache

Then I had to choose my 2 domains:

domain.com
www.domain.com

After that, it loaded till the end and I got this error:

remote error: tls: handshake failure

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
you have an up-to-date TLS configuration that allows the server to
communicate with the Certbot client.

I tried it too often, so I can't install it anymore because of the 5 per week limit -.-
How can I use these 5 certificates, or aren't there any chances
after failing to install them?

Please help me =) Thanks

Hi,

./certbot-auto --apache is not supported with hosts behind Cloudflare. If you want to know lots of technical details about why not, look through

https://community.letsencrypt.org/search?q=cloudflare%20tls-sni-01

Behind a CDN, you should instead use the --webroot method. This calls for you to specify a webroot directory which is the top level directory that your web site’s content is served from.

If you want Certbot to try to install the certificate and configure your web server for you, you can use

./certbot-auto -a webroot -i apache

Also, hosts behind Cloudflare do not necessarily need or benefit from Let’s Encrypt certificates in comparison to another option that Cloudflare offers. This is because that certificate, in practice, would only protect the connection between Cloudflare and your server. Cloudflare has an alternative option to give you a Cloudflare-issued certificate to protect this connection.

The lack of the green padlock security indication in browsers is not necessarily due to the lack of an HTTPS connection between Cloudflare and your server. It could also be due to mixed content problems. You can check that with

https://www.whynopadlock.com/
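
A preflight for the webroot method recommended in the reply above, as an added example that is not part of the original thread or of Certbot: it writes a random probe file under the webroot's `.well-known/acme-challenge/` directory, which is where HTTP validation files are served from, and fetches it through the site's public URL, so a wrong webroot path shows up without spending a certificate request. The function name `webroot_preflight` and the command-line arguments are assumptions made for this example.

```python
import os
import secrets
import sys
import urllib.error
import urllib.request

CHALLENGE_SUBDIR = os.path.join(".well-known", "acme-challenge")


def webroot_preflight(webroot, base_url, timeout=10):
    """Return (ok, detail): is a file written under `webroot` reachable at `base_url`?"""
    name = "preflight-" + secrets.token_hex(8)   # random name, will not collide with real files
    body = secrets.token_hex(16)                 # random body, so a cached page cannot match
    challenge_dir = os.path.join(webroot, CHALLENGE_SUBDIR)
    os.makedirs(challenge_dir, exist_ok=True)
    probe = os.path.join(challenge_dir, name)
    with open(probe, "w") as fh:
        fh.write(body)
    url = base_url.rstrip("/") + "/.well-known/acme-challenge/" + name
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            served = resp.read(4096).decode("utf-8", "replace").strip()
        if served == body:
            return True, "probe served correctly at " + url
        return False, "unexpected content at " + url + " (rewrite rule or catch-all page?)"
    except urllib.error.HTTPError as exc:
        # Typical for a wrong webroot path: the web server answers 404
        return False, "HTTP %d for %s" % (exc.code, url)
    except OSError as exc:
        # DNS failure, refused connection, TLS error, timeout
        return False, "could not fetch %s: %s" % (url, exc)
    finally:
        os.remove(probe)                         # never leave the probe file behind


if __name__ == "__main__":
    # Usage (arguments are placeholders): preflight.py /path/to/webroot http://domain.com
    ok, detail = webroot_preflight(sys.argv[1], sys.argv[2])
    print(("OK: " if ok else "FAIL: ") + detail)
    sys.exit(0 if ok else 1)
```

Run it once per domain name that will be on the certificate; each name has to serve the probe from the same webroot.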
