CD
Cloudflare Developers•10mo ago
wiz on trap

SSL_ERROR_NO_CYPHER_OVERLAP

Root domain, not on a subdoain, bayon.et seems to return this error (https). I've made sure its cloudflare, webserver is fine, VPS is fine, its definitly cloudflare causing this problem. On Edge Certificates, "Status Timed Out Validations (TXT)" SSL is on FULL as I am using my own cert on my VPS (done with certbot)
No description
12 Replies
Chaika
Chaika•10mo ago
Your domain is pointing at norah.ns.cloudflare.com and duke.ns.cloudflare.com, but they're both responding saying they are not authoritive/setup for your domain. So Cloudflare can't issue the ssl cert because it doesn't have control over the dns Under DNS -> Records, if you scroll down to Cloudflare Nameservers, it should tell you the ones it wants you to use CF recently changed it so if you try to preset your account's default/preferred nameservers at your registrar before adding the domain to Cloudflare, Cloudflare will pick two different ones to protect against domain hijacking. Perhaps what you hit
SSL is on FULL as I am using my own cert on my VPS (done with certbot)
Also don't use Full, it's insecure. Anyone could MITM the connection and serve any certificate and it would accept it. Under SSL/TLS -> Origin Server you can get an Origin Certficate, issued by Cloudflare which lasts up to 15 years and works with Full (Strict) Once you correct the nameservers issue you'll want to disable universal ssl for ~5 minutes and re-enable so it tries again
wiz on trap
wiz on trapOP•10mo ago
Yeah i ended up just removing it from cloudflare and then putting it back on cloudflare to reobtain the certs, weird that even after trying the 5 min disable/enable it didnt fix it
wiz on lick
wiz on lick•10mo ago
@Chaika still having the same issue. new discord account btw*
wiz on lick
wiz on lick•10mo ago
No description
wiz on lick
wiz on lick•10mo ago
@Community Champion
Erwin
Erwin•10mo ago
Pleasn
wiz on lick
wiz on lick•10mo ago
also why is there no easy way to actually contact cloudflare support? seems i just get stuck with being sent to their community forum and their AI
Unsmart
Unsmart•10mo ago
?pings
Flare
Flare•10mo ago
Please do not ping community members for non-moderation reasons. Doing so will not solve your issue faster and will make people less likely to want to help you.
wiz on lick
wiz on lick•10mo ago
oj
Erwin
Erwin•10mo ago
Hehe.. what @Unsmart | Tech debt said 🙂
wiz on lick
wiz on lick•10mo ago
well idk how else to get any responce, im kinda down a very expensive domain and im on the clock yano times tickin the rizzard needs help gang
Want results from more Discord servers?
Add your server