This article is a continuance of article How To Fix Nginx Redirect To Wrong Website Error When There Are Multiple WebSites. In this article, we will tell you how to enable https to domain test-1.com
which use CloudFlare’s CDN service to the domain.
1. Enable HTTPS To Domain Which Use CloudFlare CDN Service Steps.
We will use BT website panel to manage websites in this example. If you are not familiar with it, you can read article How To Install BT VPS Control Panel And Restore WordPress Website Into It
- First login to BT panel, select 网站 (websites) in left panel.
- Then click the website name (
test-1.com
) in right panel websites list. - Click SSL in popup window left menu list.
- Click Let’s Encrypt tab in right panel.
- Check the checkbox before website domain.
- Click 申请 ( Apply ) button to apply the SSL certificate.
- The domain
test-1.com
use CloudFlare CDN service, then you will find above apply process fail. - This is because during apply Let’s Encrypt CA process, it will connect files to url
http://test-1.com/.well-known/acme-challenge/
to verify the ownership of the domain website. - But CloudFlare will change all
http://
protocol request tohttps://
protocol request, thenhttp://test-1.com/.well-known/acme-challenge/
will be changed tohttps://test-1.com/.well-known/acme-challenge/
- And domain
test-1.com
has not enable https, butiphone-how-to.com
has enabled https, then the request tohttps://test-1.com/.well-known/acme-challenge/
will be routed tohttps://www.iphone-how-to.com
to process, which is not correct. You can learn this in article How To Fix Nginx Redirect To Wrong Website Error When There Are Multiple WebSites. - Then Let’s Encrypt CA center can not verify the ownership of the domain, then the apply https process failed.
- To fix this issue is very easy, you just need to turn off Always Use HTTPS in CloudFlare —> SSL/TLS —> Edge Certificates section.
- Now when Let’s Encrypt CA center connect to url
http://test-1.com/.well-known/acme-challenge/
, CloudFlare will not change thehttp://
protocol tohttps://
protocol. - And Nginx server can find the request domain website
http://test-1.com
to process the request because it is not a https request which is not enabled for domaintest-1.com
. - Now Let’s Encrypt center can verify the ownership of the request domain, then you can enable https for
test-1.com
. - After that, you should go back to CloudFlare and turn on Always Use HTTPS in CloudFlare —> SSL/TLS —> Edge Certificates section.
- Because
test-1.com
domain website support https now, so you should select Full in CloudFlare —> SSL/TLS —> Overview—> Encryption Mode section like below picture.