Let's Encrypt's Certificate doesn't seem to work

WizZarD · August 20, 2017, 11:51pm

Please fill out the fields below so we can help you better.

My domain is: www.thegamefeed.net

I ran this command: I have Plesk panel on my VPS

It produced this output: I installed Let’s Encrypt’s extension for Plesk and everything was done right.

My web server is (include version): Nginx

The operating system my web server runs on is (include version): CentOS 6.9

My hosting provider, if applicable, is: Plesk Panel hosted on my VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Panel - Latest Version.

Also the site is hosted through Cloudflare’s DNS, maybe Cloudflare is causing a problem?

rg305 · August 21, 2017, 12:00am

Yes.
The user connects to CloudFlare.
CloudFlare connects to your server.
Any cert on your server would only be seen by CloudFlare.

But CloudFlare is hosting your site via HTTP & HTTPS (SSL Labs test results)

So exactly what "doesn't seem to work"?

[EDIT]
Maybe the problem is that CloudFlare HTTPS is using only one cert and it is not supported by your browser???:
Certificate #1: EC 256 bits (SHA256withECDSA)

Patches · August 21, 2017, 12:06am

CloudFlare DNS isn't a problem, but you appear to be also using the CloudFlare CDN, which is.

When you have the orange cloud enabled for a domain in CloudFlare control panel, they run an intermediary server between your origin server and the Internet that caches content and serves as a web application firewall. This obscures your origin server so the Let's Encrypt certificate you installed will not appear.

You could turn off the orange cloud in CloudFlare, in which case they would not provide these services for you, but your original server would appear with your Let's Encrypt certificate.

Or, you could enable SSL in the CloudFlare control panel, and they'll provide a certificate for you. You still need a certificate to secure the connection between CloudFlare and your server. CloudFlare provides their Origin CA for this purpose. But, if you enabled Let's Encrypt successfully with no errors in the Plesk control panel you should be able to enable "Full SSL" with no problems as is. This will use your Let's Encrypt certificate to secure the connection between your origin and CloudFlare and a CloudFlare certificate between them and the Internet.

EDIT: @rg305 points out you already have SSL enabled in CloudFlare. If it is set to "Full", your Let's Encrypt certificate (or perhaps some other one) is working. (If it is not set to Full, your connections between your origin server and CloudFlare may not be secure.)

If you were just trying to force https for all your visitors, you can do that with a page rule:

https://support.cloudflare.com/hc/en-us/articles/200170536-How-do-I-redirect-all-visitors-to-HTTPS-SSL-

system · September 20, 2017, 12:06am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.