Learn about Centmin Mod LEMP Stack today
Become a Member

CDN Cloudflare Cloudflare Flexible SSL, Nginx & XenForo

Discussion in 'Domains, DNS, Email & SSL Certificates' started by BamaStangGuy, Oct 1, 2014.

  1. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    I am getting a redirect loop as well.

    Code:
    server {
        server_name yabucket.com www.yabucket.com;
    return 301 https://www.yabucket.com$request_uri;
    }
    
    server {
    listen 443 ssl spdy;
      server_name www.yabucket.com;

     
  2. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    Can someone post their domains .conf file for nginx using the Flexible SSL where you are forcing SSL?
     
  3. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    hmm wonder if Cloudflare tech support were correct then from SSL - Cloudflare Flexible SSL, Nginx & XenForo | Centmin Mod Community You'd want to contact Cloudflare tech support and ask specifically what is Nginx equivalent for How do I redirect HTTPS traffic with Flexible SSL and Apache? – CloudFlare Support

    My test Cloudflare flexible SSL is still in SSL expired state and the other domain I did not request flexible SSL is activated but it's on a Apache + WHM/Cpanel server with working https redirect
     
  4. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    I opened a ticket with them and will report back here
     
  5. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    yeah i opened a follow up ticket with Cloudflare pointing to this thread too

    here's the exact reply I had previously.. just in case I read it incorrectly

    note, page rules method they mention is only available to paid pro and higher plan users not free plan Cloudflare users.
    so maybe try
    Code:
    server {
        server_name yabucket.com www.yabucket.com;
    return 301 $scheme://www.yabucket.com$request_uri;
    }
    
    server {
    listen 443 ssl spdy;
      server_name www.yabucket.com;
    but that would allow both http and https not redirect to https
     
    Last edited: Oct 9, 2014
  6. Razib Hasan

    Razib Hasan Member

    34
    13
    8
    May 31, 2014
    Dhaka, Bangladesh
    Ratings:
    +13
    Local Time:
    5:57 AM
    1.7.6
    5.10
    I have tried a few configuration with Cloudflare's flexible SSL but none seems working fine for me :(. I am testing flexible SSL (not forced) on Test Page for the Centmin Mod Nginx HTTP Server

    Config #1: current-config - Pastebin.com
    CSS and JS doesn't load when trying Reflection design studio | ... we bring ideas to life
    but, without https it works fine.

    Config #2: centmin-default-page - Pastebin.com
    This config takes to centminmod's default page instead of actual website.

    Config #3: redirect-loop - Pastebin.com
    This config gives redirect loop error.
     
    • Like Like x 1
  7. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    thanks for sharing @Razib Hasan

    here's hoping Cloudflare support comes back to us with a working setup.
     
    • Like Like x 1
  8. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    This is the reply I got back

     
  9. rdan

    rdan Well-Known Member

    4,740
    1,144
    113
    May 25, 2014
    Ratings:
    +1,711
    Local Time:
    7:57 AM
    Mainline
    10.2
    CloudFlare’s Flexible SSL Without Infinite Redirect Loops

    Within CloudFlare go to the Page Rules section for your domain and enter a rule just as shown in the screenshot below:
    The rule should be: *your-domain.com*
    Always Use HTTPS – On

    [​IMG]

    And that is it.
    Once this is saved, after a few minutes, CloudFlare will start forcing all traffic over SSL.
     
    • Like Like x 2
  10. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    haha that easy.. shame my domain is in 10+ days and still not activated :LOL::rolleyes:
     
  11. rdan

    rdan Well-Known Member

    4,740
    1,144
    113
    May 25, 2014
    Ratings:
    +1,711
    Local Time:
    7:57 AM
    Mainline
    10.2
    Try to cancel it, then enable back flexible ssl or full ssl.
    All my domains are enabled already.
     
  12. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    Even with that redirect @RoldanLT SSL is not working correctly. Even with changing the URL to https in Board settings, it still tries to load all css and javascript over http.
     
  13. rdan

    rdan Well-Known Member

    4,740
    1,144
    113
    May 25, 2014
    Ratings:
    +1,711
    Local Time:
    7:57 AM
    Mainline
    10.2
    Purge cache on cloudflare settings?
     
  14. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
  15. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    I gave up for now, still nearly 13 days and my SSL is still expired status. Cloudflare support says they have engineers investigating and will get back to me eventually heh.
     
  16. Razib Hasan

    Razib Hasan Member

    34
    13
    8
    May 31, 2014
    Dhaka, Bangladesh
    Ratings:
    +13
    Local Time:
    5:57 AM
    1.7.6
    5.10
    I had similar problem with a domain. I checked yesterday and saw the SSL is active now :)
     
  17. eva2000

    eva2000 Administrator Staff Member

    42,354
    9,562
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,735
    Local Time:
    9:57 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    well just checked, went out of SSL Expired back to SSL authorizing so guess that's progress :D
     
  18. rdan

    rdan Well-Known Member

    4,740
    1,144
    113
    May 25, 2014
    Ratings:
    +1,711
    Local Time:
    7:57 AM
    Mainline
    10.2
    @BamaStangGuy Are you using Pro plan now?
    How many hours or days for the Full SSL become active?
    Mine is more than 24 hours now still not yet active.
     
  19. BamaStangGuy

    BamaStangGuy Active Member

    608
    179
    43
    May 25, 2014
    Ratings:
    +244
    Local Time:
    5:57 PM
    Pro. Took mine about an hour.
     
  20. rdan

    rdan Well-Known Member

    4,740
    1,144
    113
    May 25, 2014
    Ratings:
    +1,711
    Local Time:
    7:57 AM
    Mainline
    10.2
    What :(
    Mine already 30 hours now.