I'm encountering an SSL issue while trying to use Cloudflare. Despite successfully configuring SSL for another site, I'm now facing either an "ERR_SSL_VERSION_OR_CIPHER_MISMATCH" or "No required SSL certificate" error. Below is my Nginx configuration:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name www.domain.com domain.com;
return 302 https://$server_name$request_uri;
}
server {
server_name www.domain.com domain.com;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_client_certificate /etc/ssl/cloudflare.crt;
ssl_verify_client on;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/hesamz3090/domain;
}
location /media/ {
root /home/hesamz3090/domain;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/domain.sock;
}
}
I've followed this tutorial to enable SSL with Cloudflare, and my SSL mode is set to "Full (strict)" with Universal SSL/TLS and Authenticated Origin Pulls activated.
However, when I check DNS proxy, it shows the error "This hostname is not covered by a certificate." Can you help me troubleshoot this issue?
Disabling the DNS proxy resulted in a "No required SSL certificate was sent" error. I attempted commenting out the lines:
ssl_client_certificate /etc/ssl/cloudflare.crt
ssl_verify_client on;
However, the issue persisted. As a workaround, I changed the SSL mode to "Full." This allowed the site to load, but it's marked as "Not Secure" with a warning on the page due to the SSL certificate not being fully recognized.