Cant get my domain setup with cloudflares origin server ssl certificate
Lets summarize my problem:
1) My domains SSL is working fine with non proxied DNS records and Letsencrypt.
As soon as I proxy my DNS records, I get a ERR_SSL_VERSION_OR_CIPHER_MISMATCH warning in all the browsers I have tested.
2) My domains SSL is working fine with nonproxied and proxied DNS records and Cloudflare-Universal-SSL Certificate.
3) My domains SSL is not working with Cloudflare Origin Server Certificate and proxied DNS records. If the DNS records are not proxied, I can see, that the Origin Server Certificate gets loaded, but not trusted, which should be normal, as this only works with enabled proxy DNS.
As soon as I enable the DNS proxies, I get an instand ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
I can ping the domain and get the cloudflare IPv4 and IPv6 back, but websitecontent will not load at all, as the ERR_SSL_VERSION_OR_CIPHER_MISMATCH is present.
What I did is : I paused cloudflare a couple of times for more then 24h now, as this should solve this issue and is the only answer I got so far, but this doesn't fix it. SSL/TLS is of course set to Full (strict) as mentioned in the SSL documentation on Cloudflare.
Also to mention that my DNSSEC Authentication Chain is without any error!
My Origin Server Certificate is uploaded correctly to my webserver (Plesk), with PRIVATE KEY, the CERTIFICATE and the *-ca.crt (downloaded from cloudflare).
All traffic is redirected to HTTPS (via Plesk an Cloudflare). No edge certificates are active (universal SSL is off), as I want to use only Cloudflares Origin SSL.
DNS for my mail still runs over a non proxied DNS entry, which works flawless.
And I also would like to mention just for reference, that I am on Plesk Obsidian (latest version) with OpenSSL 3.0.15 3 Sep 2024 (Library: OpenSSL 3.0.15 3 Sep 2024).
I'd really appreciate some help with this, as I fumble with it for quite a while now. Thx in advance!
1) My domains SSL is working fine with non proxied DNS records and Letsencrypt.
As soon as I proxy my DNS records, I get a ERR_SSL_VERSION_OR_CIPHER_MISMATCH warning in all the browsers I have tested.
2) My domains SSL is working fine with nonproxied and proxied DNS records and Cloudflare-Universal-SSL Certificate.
3) My domains SSL is not working with Cloudflare Origin Server Certificate and proxied DNS records. If the DNS records are not proxied, I can see, that the Origin Server Certificate gets loaded, but not trusted, which should be normal, as this only works with enabled proxy DNS.
As soon as I enable the DNS proxies, I get an instand ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
I can ping the domain and get the cloudflare IPv4 and IPv6 back, but websitecontent will not load at all, as the ERR_SSL_VERSION_OR_CIPHER_MISMATCH is present.
What I did is : I paused cloudflare a couple of times for more then 24h now, as this should solve this issue and is the only answer I got so far, but this doesn't fix it. SSL/TLS is of course set to Full (strict) as mentioned in the SSL documentation on Cloudflare.
Also to mention that my DNSSEC Authentication Chain is without any error!
My Origin Server Certificate is uploaded correctly to my webserver (Plesk), with PRIVATE KEY, the CERTIFICATE and the *-ca.crt (downloaded from cloudflare).
All traffic is redirected to HTTPS (via Plesk an Cloudflare). No edge certificates are active (universal SSL is off), as I want to use only Cloudflares Origin SSL.
DNS for my mail still runs over a non proxied DNS entry, which works flawless.
And I also would like to mention just for reference, that I am on Plesk Obsidian (latest version) with OpenSSL 3.0.15 3 Sep 2024 (Library: OpenSSL 3.0.15 3 Sep 2024).
I'd really appreciate some help with this, as I fumble with it for quite a while now. Thx in advance!
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,436Members
Resources
Was this page helpful?
