Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Connection error with Cloudflare proxying

Scheduled Pinned Locked Moved Solved Support
cloudflare
13 Posts 3 Posters 990 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • girishG Offline
    girishG Offline
    girish Staff
    replied to guyds on last edited by
    #4

    @guyds If you have CF proxying enabled, then you will always see some Cloudflare UI. Something like below.

    5901341a-ba39-4848-a6fa-d81b8a935904-image.png

    In your case, the Secure Connection Failed, I think means something related to browser/HSTS or something. Can you try in another device/browser or clear the browser cache? In Firefox, it's a bit tricky to clear HSTS. Usually, what I do is open my "History" and then right click on the site and there is a "Forget about this site" option.

    G 1 Reply Last reply
    1
  • G Offline
    G Offline
    guyds
    replied to girish on last edited by
    #5

    @girish You're right, it seems to be related to Firefox.
    I tried on 4 different pc's, both regular and private mode, and always that same error. So it has nothing to do with caching but with Firefox in general 🤔
    When I use chrome or another chrome based browser it works fine.

    girishG 1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to guyds on last edited by
    #6

    @guyds oh maybe https://appuals.com/how-to-fix-ssl_error_no_cypher_overlap/

    G 1 Reply Last reply
    0
  • G Offline
    G Offline
    guyds
    replied to girish on last edited by
    #7

    @girish thanks for that link.
    However, in the meantime I'm experiencing the same issue with the chrome based browsers.

    So to summarize:
    When I use a regular domain there are no issues.
    When I switch to a subdomain, the Cloudron isn't accessible anymore on Firefox, but on chrome based browsers it works.
    After 10 or 15 mins however, I'm getting a similar error on the Chrome based browsers.
    When I turn of the CF proxy for the subdomain, it also works fine in any browser.

    So there definitely seems to be an issue with proxying a sub-sub-domain (my.sub.domain.tld) through CF.

    girishG 1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to guyds on last edited by
    #8

    @guyds You can check curl https://my.sub.domain.tld with CF proxying turned on. If that doesn't work (gives some TLS/TLS warnings), you can simply open a ticket with Cloudflare.

    G 1 Reply Last reply
    0
  • G Offline
    G Offline
    guyds
    replied to girish on last edited by
    #9

    @girish That doesn't work either:

    curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
    

    So I'll open a ticket with CF.

    Thanks for following up on this issue!

    1 Reply Last reply
    0
  • G Offline
    G Offline
    guyds
    wrote on last edited by
    #10

    Ok, so I was correct when I said I seemed to remember there are some limitations with CF proxy and subdomains in the free plan.
    When trying to open a ticket with CF regarding this issue I was pointed to the following link on their community:
    https://community.cloudflare.com/t/subdomain-too-deep/81872

    The certificates available with the free account (universal certificates) cover only one level of subdomains so my.domain.tld is covered, but my.sub.domain.tld isn't.

    girishG 1 Reply Last reply
    3
  • girishG Offline
    girishG Offline
    girish Staff
    replied to guyds on last edited by
    #11

    @guyds Ah, good to know. Did not know this limitation!

    humptydumptyH 1 Reply Last reply
    0
  • humptydumptyH Offline
    humptydumptyH Offline
    humptydumpty
    replied to girish on last edited by
    #12

    @girish I just ran into this issue and I'm glad I found this thread. Can you please add the limitation as a note to the docs. TIA! https://docs.cloudron.io/domains/#cloudflare-dns

    girishG 1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to humptydumpty on last edited by
    #13

    @humptydumpty done

    1 Reply Last reply
    1

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.