SSL not working on .www (no certbot)

I have created an ssl cert that apparently doesn’t work with .www. I do not have a certbot. What should I do? (I am sure the cert was also created for .www)

My domain is: dksdroner.ga

The operating system my web server runs on is (include version): Monster FTP (Unknown version)

My hosting provider, if applicable, is: infinityfree.net

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes - vistapanel

Hi @SUBLOLLIPOP

Checking your domain, there is a curious result ( https://check-your-website.server-daten.de/?q=dksdroner.ga ):

You have a lot of IP addresses

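| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| dksdroner.ga | A | 104.28.16.80 | yes | 1 | 0 |
| | A | 104.28.17.80 | yes | 1 | 0 |
| | AAAA | 2606:4700:30::681c:1050 | yes | | |
| | AAAA | 2606:4700:30::681c:1150 | yes | | |
| www.dksdroner.ga | A | 104.28.16.80 | yes | 1 | 0 |
| | A | 104.28.17.80 | yes | 1 | 0 |
| | AAAA | 2606:4700:30::681c:1050 | yes | | |
| | AAAA | 2606:4700:30::681c:1150 | yes | | |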

Looks like you use Cloudflare.

Checking the (too long) list of URLs (non-www, www, http, https), your http version works. Your https version always has the same error:

SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

Same when checking with Firefox:

SSL_ERROR_NO_CYPHER_OVERLAP

Looks like there are some missing definitions.

Check your vistapanel for how to configure SSL.

What's the original IP address of your server?

If they're using Cloudflare, then Cloudflare is the TLS endpoint, so I'd think it would be the more likely source of SSL_* errors...

This might help:

https://community.cloudflare.com/t/community-tip-fixing-ssl-error-no-cypher-overlap-in-mozilla/42323


Thank you so much! I tried the step in the guide telling me to greycloud everything, and it worked!
:grinning::grinning:


Yes!

But how is it possible that a Cloudflare customer server produces such a result? If the SSL of the customer server is broken, Cloudflare sends a typical error message and shows an SSL page with an HTTP status 523 - Bad Gateway.

Right... but as we can now see, the Let's Encrypt cert on the origin server is working fine. So the problem is/was on Cloudflare's side.

My understanding is that this is how they respond when they should have a valid cert for the domain, but don't. Whether because of an issuance delay or a propagation delay or whatever, I don't know.

@SUBLOLLIPOP, in case you don't know, grey clouding everything disables Cloudflare's CDN, so that you're only using their DNS service. If that's what you intended, then great, it's working now :grinning: However if you actually wanted to use the CDN you'll have to switch it back to orange cloud at some point. In that case you should proceed to try the remaining steps in that guide. If that doesn't help you'll probably have to ask Cloudflare for support.


Ah, thanks. So disabling Cloudflare to create your own certificate is an option.
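
The orange-cloud versus grey-cloud distinction discussed in this thread decides which certificate a browser actually sees. The following is an added example, not code from any poster or from Cloudflare: it classifies each hostname's DNS answers as terminating TLS at the CDN edge or at the origin. The function names are hypothetical, `CLOUDFLARE_RANGES` is an assumed two-entry snapshot that covers the addresses quoted above, and the grey-cloud records are constructed from documentation address space.

```python
import ipaddress

# Assumption: a snapshot of two Cloudflare edge ranges, enough to cover the
# addresses in this thread. A real check should load the current list that
# Cloudflare publishes instead of hard-coding it.
CLOUDFLARE_RANGES = [ipaddress.ip_network(n)
                     for n in ("104.16.0.0/12", "2606:4700::/32")]

def is_edge(addr):
    """True if addr (IPv4 or IPv6 string) falls inside a known edge range."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net
               for net in CLOUDFLARE_RANGES)

def tls_endpoint(addresses):
    """Classify one hostname: 'cloudflare', 'origin', 'mixed' or 'unresolved'."""
    if not addresses:
        return "unresolved"
    flags = {is_edge(a) for a in addresses}
    if flags == {True}:
        return "cloudflare"   # browser sees the edge certificate
    if flags == {False}:
        return "origin"       # browser sees the origin (e.g. Let's Encrypt) cert
    return "mixed"            # some records proxied, some not: inconsistent setup

def triage(records):
    """Map {hostname: [addresses]} to {hostname: endpoint classification}."""
    return {host: tls_endpoint(addrs) for host, addrs in records.items()}

# A and AAAA records as reported in the thread (orange cloud, proxied).
ORANGE_CLOUD = {
    "dksdroner.ga": ["104.28.16.80", "104.28.17.80",
                     "2606:4700:30::681c:1050", "2606:4700:30::681c:1150"],
    "www.dksdroner.ga": ["104.28.16.80", "104.28.17.80",
                         "2606:4700:30::681c:1050", "2606:4700:30::681c:1150"],
}

# Constructed sample: the same names after grey-clouding, pointing at a
# placeholder origin in documentation address space (not the real server).
GREY_CLOUD = {
    "dksdroner.ga": ["192.0.2.10", "2001:db8::10"],
    "www.dksdroner.ga": ["192.0.2.10", "2001:db8::10"],
}

if __name__ == "__main__":
    for label, recs in (("orange", ORANGE_CLOUD), ("grey", GREY_CLOUD)):
        for host, endpoint in triage(recs).items():
            print(f"{label:6} {host:18} TLS terminates at: {endpoint}")
```

A result of `cloudflare` means handshake errors such as the ones quoted above should be investigated on the CDN side first; `origin` means the certificate installed on the hosting account is the one being served.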
