Cloudflare gives error on bound certificate (SSL handshake failed)

Added a new domain with subdomains to my server. Used Certifiy to request and bind the certificate (worked fine). but it can’t get to my site (see message above). any suggestions?

Hi Mark,

I would suggest that your current certificate for either doesn’t have a matching name, or the server is presenting the wrong certificate, or the cert has expired. I can’t really tell without connecting to the real website via the IP address.

I’d suggest relaxing cloudflares SSL settings to allow invalid origin certs, that their “Full” options instead of “Full (strict)” but you also have to find out the real reason your server cert is not being trusted. You can use openssl to verify your servers TLS response.

Really though the best option to jump on your actual server and figure out why does not have a valid certificate. There are several possible reasons.

ok - this was weird - I deleted the site in IIS, removed the certificates from Certify and added them all again. then it worked.
Full-Strict is enabled on CloudFlare…
Thank you for the response!!!

Hmm, thanks Mark - it would have been good to get to the bottom of that but glad it’s working.

You don’t usually need to delete IIS sites and at the most deleting the managed certificate in the app should be enough to start again. Even clicking Request Certificate again (to force a certificate renewal) would be enough to test if there was a problem with the certificate.