This article is a continuance of the article How To Fix Nginx Redirect To Wrong Website Error When There Are Multiple WebSites. In this article, we will tell you how to enable HTTPS to domain test-1.com
which use CloudFlare’s CDN service to the domain.
1. Enable HTTPS To Domain Which Uses Cloudflare CDN Service Steps.
We will use the BT website panel to manage websites in this example. If you are not familiar with it, you can read the article How To Install BT VPS Control Panel And Restore WordPress Website Into It
- First login to BT panel, select 网站 (websites) in the left panel.
- Then click the website name (
test-1.com
) in the right panel websites list. - Click SSL in the popup window left menu list.
- Click the Let’s Encrypt tab in the right panel.
- Check the checkbox before the website domain.
- Click 申请 ( Apply ) button to apply for the SSL certificate.
- The domain
test-1.com
use Cloudflare CDN service, then you will find the above apply process failed. - This is because during apply Let’s Encrypt CA process, it will connect files to URL
http://test-1.com/.well-known/acme-challenge/
to verify the ownership of the domain website. - But Cloudflare will change all
http://
protocol request tohttps://
protocol request, thenhttp://test-1.com/.well-known/acme-challenge/
will be changed tohttps://test-1.com/.well-known/acme-challenge/
. - And domain
test-1.com
has not enabled the HTTPS feature, butiphone-how-to.com
has enabled HTTPS, then the request tohttps://test-1.com/.well-known/acme-challenge/
will be routed tohttps://www.iphone-how-to.com
to process, which is not correct. You can learn this in the article How To Fix Nginx Redirect To Wrong Website Error When There Are Multiple WebSites. - Then Let’s Encrypt CA center can not verify the ownership of the domain, then the apply SSL certificate process failed.
2. How To Fix The Apply SSL Failed Error.
- To fix this issue is very easy, you just need to turn off Always Use HTTPS in Cloudflare —> SSL/TLS —> Edge Certificates section.
- And you also need to change the SSL/TLS encryption mode to Off(not secure) by selecting the Off(not secure) radio button in Cloudflare —> SSL/TLS —> Overview section
- Now when Let’s Encrypt CA center connect to URL
http://test-1.com/.well-known/acme-challenge/
, Cloudflare will not change thehttp://
protocol tohttps://
protocol. - And Nginx server can find the request domain website
http://test-1.com
to process the request because it is not an HTTPS request which is not enabled for the domaintest-1.com
. - Now Let’s Encrypt CA center can verify the ownership of the requested domain, then you can enable HTTPS for
test-1.com
. - After that, you should go back to Cloudflare and turn on Always Use HTTPS in Cloudflare —> SSL/TLS —> Edge Certificates section.
- Because
test-1.com
domain website support HTTPS now, so you should select Full in CloudFlare —> SSL/TLS —> Overview—> Encryption Mode section.