Join the community today
Become a Member

Letsencrypt centmin.sh menu option 2 letsencrypt behind cloudflare

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Kuro, Mar 30, 2019.

  1. Kuro

    Kuro Member

    82
    12
    8
    Feb 8, 2018
    Ratings:
    +19
    Local Time:
    6:37 AM
    1.15.10
    10.3
    Hi Eva so, what should i do? Disable Orange Cloud?
    HTML:
    Create a self-signed SSL certificate Nginx vhost? [y/n]: n
    Get Letsencrypt SSL certificate Nginx vhost? [y/n]: y
    
    ---------------------------------------------------------------
    To get Letsencrypt SSL certificate, you must already have updated intended
    domain vhost name's DNS A record to this server's IP addresss.
    If top level domain, DNS A record is needed also for www. version of domain
    otherwise, Letsencrypt domain name validation will fail.
    ---------------------------------------------------------------
    continue [y/n] ? y
    
    
    domain.com is a top level domain
    your server IP address: 103.105.48.xx (Real IP)
    current DNS A record IP address for domain.com is: 104.28.31.148 (IP Cloudflare)
    104.28.30.148
    
    !! Error: DNS A record IP doesn't match any found on this server
    
    Abort this Nginx vhost domain setup to setup updated DNS A record(s) first? [y/n]:
    
    upload_2019-3-30_16-33-24.png
    I disabled orange cloud and selected number 4: 4. issue live cert with HTTPS default (trusted)
    I wonder if it fits Cloudflare?
     
    Last edited: Mar 30, 2019
  2. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    9:37 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    No need to disable orange cloud as centmin mod uses webroot authentication
     
  3. Kuro

    Kuro Member

    82
    12
    8
    Feb 8, 2018
    Ratings:
    +19
    Local Time:
    6:37 AM
    1.15.10
    10.3
    So, do I need to install it again? (install an ECDSA 256bit Cloudflare Origin SSL certificate). I didn't use Letsencrypt before and install only the ECDSA 256bit Cloudflare Origin SSL certificate then switch SSL full (strict)
     
  4. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    9:37 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    if you already used origin ssl cert and SSL full strict then you don't need to do it again unless you want to switch out origin ssl cert for your own letsencrypt ssl cert
     
  5. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    9:37 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x