I just recently signed up for hosting. I initially built my site on the auto-assigned infinityfree subdomain (using wordpress). Then I purchased a domain and parked it as per instructions so requests are forwarded to the infinityfree subdomain. Everything appeared to work fine.
Next, I added my domain to cloudflare (changed infinityfree’s nameservers to cloudflare’s nameservers with my registrar as required). I didn’t run into any issues and checking my SSL, it appears to work fine. However, my site still shows as insecure. I’ve tried all suggestions for the past 2 days and still not making a headway. If I check the site on http, it works fine (but of course with the insecure page warning). If I try https, I get an “ERR_SSL_PROTOCOL_ERROR”.
I’ve checked SSL on my site using several different tools and it passed in every single case. If I use the Really Simple SSL plugin on Wordpress, it breaks the site. And I have to go in the database and reset the URLS.
CloudFlare is only for you custom domain. Free subdomain has no SSL installed.
Since WP is installed on free subdomain with no SSL, there is no way your custom domain (SSL enabled) can forward to free subdomain (non SSL).
Unless you migrate WP from free subdomain to your custom domain, you will need SSL for free subdomain as well
Really Simple SSL can’t install SSL Certificates on our platform for various reasons. You’ll need to manually install an SSL from Login to your account - InfinityFree (I recommend Self Signed issuer) and then install it with cPanel. After you do that, you can set your CloudFlare SSL settings to Full and then install Really Simple SSL. You can also use automatic http rewrites in CloudFlare.
Thanks. I did this and it seemed I made some progress - site shows up as secure but contents are all over the place. I then tried Really Simple SSL and everything went south. Can’t access the site. Message shows Cloudflare is fine but error is on the host’s side:
After generating, I clicked “Install”. Ensuing page shows it’s installed
Then I went to SSL section in cPanel (because site still wasn’t secured) and I clicked to "Generate Key/CSR) - not sure if this was necessary
Instructions I’m reading appear to suggest that the key/CSR combination needs to be sent to some ‘vendor’ who would then provide me a Certificate that I’d need to upload. Am I right? Is this necessary in my case? I feel like I’m bungling something.