Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
You might for other domain names but am.arts-et-metiers.asso.fr is not proxied in Cloudflare. The A record points directly to your origin server (it looks like). If proxied in Cloudflare these records point to Cloudflare's CDN Edge.
Hi!
I proxied the DNS record in Cloudflare.
Please help me understand.
I didn't install certbot on my server. I didn't install any Let's Encrypt certificates. But my websites are secured using SSL certificates from Cloudflare.
So I don't want to touch it anymore but I'd like to understand and make sure no errors will arise at some point. We used to use Let's Encrypt. I didn't understand how proxying the A record solved the issue.
You should visit the Cloudflare docs and community forums for the Cloudflare instructions.
One important thing to know is when you proxy your DNS in Cloudflare you are now using its CDN. With any CDN there are two connections between the client (for example a browser) and your Origin Server.
There is an HTTPS connection between the browser and the CDN Edge. The CDN gets and uses a cert for this. Cloudflare uses Let's Encrypt as one of its cert providers. You are not involved in getting or renewing this cert, Cloudflare does this.
There is also a connection between the CDN Edge and your Origin Server. This should also be HTTPS and needs a cert in your Origin Server for this. Cloudflare even offers something called an Origin CA Cert for this purpose. It has some limitations but for simple cases works very well.
Again, though, the Cloudflare docs and community are the best place to learn about it.
I would like to install certbot on my origin server but I'm afraid to break my websites again.
Can you please help? I'm not familiar with CDNs, nor certificates apparently...
Because my websites were accessible but the payments made on them were not going through, because I had to proxy my Cloudflare DNS record to use the Cloudflare SSL certificates.
What I did for now is download certbot and generate my SSL certificates, then uninstall certbot and remove the proxy on Cloudflare. My websites are now using my Let's Encrypt SSL from the origin server and the payments are working.
But I'd like not to have to remove certbot.
Can you please help? I'm wondering if it's not due to the fact that I upgraded my OS from Debian 9 to Debian 11, and that it wasn't a native Debian 11. Maybe there's a glitch there with certbot.
If I leave certbot on my server, my website is in an infinite loop and not accessible. I tried removing all rules to redirect HTTP to HTTPS from my vhost conf files and from Cloudflare but it still doesn't work.
I'd like to be able to install and leave certbot installed. So if you have any idea I'd take it.
Certbot is just a program. It can't affect how your server behaves. It gets a cert and can renew certs. That's all.
But, I guess what you really mean is that if you have a cert in your Apache Origin Server you get a redirect loop when you re-proxy your domain in Cloudflare. In that case you need to review your Cloudflare SSL Settings. Or, just never proxy your domain.
Off-hand I don't remember which setting often causes trouble. But, you could find out pretty quickly on the Cloudflare community forum. Someone else here may remember better than I can right now.
I know it's crazy, and I don't understand either. But I can assure you that the install of certbot itself makes the website crash. Whatever and however the rest is configured.
I have worked with an experienced admin this morning who lost it too, because of that.
Simply put, as soon as I install certbot, my websites crash.
What do the Apache logs look like when this happens?
Installing Certbot does not affect your Apache config files. Certbot will change your Apache config when you use the --apache plug-in to acquire a cert but not during install of Certbot itself.
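On the question of what the Apache logs look like: a redirect loop leaves the same path answered with a 3xx over and over and never with a 2xx in the origin's access log. The following is an added example, not part of the thread or of any project's code; the log lines are constructed, and the function name `redirect_loops` and its threshold are assumptions.

```python
import re
from collections import Counter

# Apache common/combined access-log prefix: host, time, request line, status.
LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
REDIRECTS = {"301", "302", "303", "307", "308"}

def redirect_loops(lines, threshold=5):
    """Return {(host, path): count} for requests answered with a redirect
    at least `threshold` times and never with a 2xx, the pattern a
    redirect loop leaves in the origin's access log."""
    redirects, served = Counter(), set()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines or lines in another format
        key = (m["host"], m["path"])
        if m["status"] in REDIRECTS:
            redirects[key] += 1
        elif m["status"].startswith("2"):
            served.add(key)
    return {k: n for k, n in redirects.items()
            if n >= threshold and k not in served}

# Constructed sample: one requesting address (documentation range) asking
# for "/" six times and always getting a 301, plus one page served normally.
SAMPLE = [
    f'203.0.113.7 - - [10/Oct/2023:13:55:{s:02d} +0000] '
    f'"GET / HTTP/1.1" 301 239 "-" "Mozilla/5.0"'
    for s in range(6)
] + [
    '203.0.113.7 - - [10/Oct/2023:13:56:01 +0000] '
    '"GET /about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for (host, path), n in redirect_loops(SAMPLE).items():
        print(f"{host} requested {path}: {n} redirects, never served")
```

When the site is proxied, the host field holds the CDN edge address rather than the visitor's, so the same loop may be spread across several edge addresses.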