Unsafe Connection error using LetsEncrypt with CloudFlare


#1

I noticed today my website was reporting “Unsafe Connection” type error when visited using Chrome or Firefox. Error from Chrome is here:
http://tinypic.com/view.php?pic=20qe3ie&s=9 (domain shown as issued to in the pic is my site).

I have others sites with LetsEncrypt that are working fine, but this is my only one that is using both LetsEncrypt and CloudFlare together.

I’ve just disabled CloudFlare on my domain, and the Unsafe Connection error has gone away (well at least it has gone away on Chrome - it still reports an error on Firefox for now).

This used to be fine. I haven’t checked the site for a week or two so it’s happened recently. Wonder if anyone else experiencing this? Also, if anyone knows what the solution is? I was just using the free CloudFlare on the DH control panel, and the LetsEncrypt option on the DH control panel too - no special options. Thanks.


James


#2

Just to add, a problem still exists even after turning off CloudFlare - Chrome is still saying “Your connection is not secure… www.mysite.com uses an invalid security certificate. The certificate is only valid for mysite.com”.

That kind of suggests the sub-domain www is not permitted with the certificate. So to see if this fixes it, I’ve changed my DH domain setting to remove www. (previously it added www.)

But if that is the fix then what to do with CloudFlare which requires www turned on?


#3

I have pretty good luck with my SSL setup here and at Cloudflare. How’s your Cloudflare SSL set up? I have mine set to Full Strict. I also have Dreamhost remove WWW. Why do you say Cloudflare requires www?


#4

Hi! I just have the basic free Cloudflare subscription available from the DH control panel (not looked for options so not heard of Full Strict).

Yes, DH requires (or at least it did when I set Cloudflare up) that the domain is set to use www subdomain. Here’s a reference to one discussion about it:
https://discussion.dreamhost.com/thread-136317.html

Maybe things have changed since then but tbh I’m dropping CloudFlare. Too much hassle and no significant benefit for my site with lowish traffic.