Website giving warnings with www

[Alvin63]

Suddenly, one of my forum websites won't load and is giving security warnings - this is in Firefox incognito mode (below). And all other browsers are similar. It will load if I use https only but not with https://www

Contacted server and they are talking about changing CNAME in dns records. But why is that needed - it's been perfectly ok for the past year or more so why does DNS need changing?

 

[Alvin63]

DNS is on Cloudflare - checked cname and it had a flag recommending to set it to proxied to avoid IP address being revealed. So I did that and it's made no difference. Is it possible it's some kind of attack? The site still loads with https only.

 

[Alvin63]

Sorted now. I guess the proxied cname took time to filter through. Still no idea why the warning said my SSL certificate had probably expired.

 

[Alvin63]

My SSL is with cloudflare apparently and Cloudflare is talking about using TLS instead? Anyone know if that's worth doing?

 

[Alvin63]

Ok I think I worked it out. Cloudflare only automatically renews SSL if the cname is proxied. It wasn't proxied so the SSL expired. It's proxied now.

 

[MySiteGuy]

Even though Cloudflare provides SSL, you should install a certificate on the server so there's full SSL between the server and Cloudflare. Cloudflare has certificates you can create in their interface for long spans of time (10+ years) that you download to place on your server.

 

[Alvin63]

Thanks. Server didn't mention that. They just said your SSL is with cloudflare.

 

[fly]

Even though Cloudflare provides SSL, you should install a certificate on the server so there's full SSL between the server and Cloudflare. Cloudflare has certificates you can create in their interface for long spans of time (10+ years) that you download to place on your server.

You can actually just use a self signed one, if you choose the Flexible SSL option on CloudFlare.