XF 1.5 Cloudflare SSL issues

Amin Sabet

Well-known member
I just changed over all 6 of my XenForo forums to https. I am using the XenForo link proxy and the @digitalpoint image proxy.

I have a valid GeoTrust Rapid SSL certificate on my server for each one of the sites, and all showed the green lock in Chrome prior to setting up CloudFlare.

Yesterday I signed the sites up for CloudFlare (Pro) and within the CloudFlare settings chose Full SSL Strict for all six websites.

Three of my sites still show the reassuring green lock in Chrome:




The other three show the yellow triangle (This site uses a weak security configuration (SHA-1 signature) so your connection may not be private):




Would appreciate any help on getting these to work properly. Thanks!

Chris D

XenForo developer
Staff member
It's probably a question best asked to the certificate provider and/or CloudFlare to be honest.


The error is suggesting there is a certificate in the chain that is still using SHA-1 which is deprecated and unsupported in favour of SHA-2.