Author Topic: Cloudflare SSL  (Read 852 times)

0 Members and 1 Guest are viewing this topic.

Offline tigerbait

  • Member
  • *
  • Posts: 40
    • Ellerbe Weather
Cloudflare SSL
« on: February 21, 2023, 04:56:57 PM »
I just added a Cloudflare free SSL certificate to my website.  My host is Godaddy. The website has a secure lock now.  Now my WD clientraw will not upload.
Keeps aborting connection.  https://www.sporttiger.com/. I did have to change the DNS to point to Cloudflare
Thank you in advance
« Last Edit: February 21, 2023, 05:36:44 PM by saratogaWX »
https://www.sporttiger.com
Davis VP2 Weather Display
Saratoga scripts

Offline saratogaWX

  • Administrator
  • Forecaster
  • *****
  • Posts: 9244
  • Saratoga, CA, USA Weather - free PHP scripts
    • Saratoga-Weather.org
Re: Cloudflare SSL
« Reply #1 on: February 21, 2023, 05:39:04 PM »
Yes, your https://www.sporttiger.com/wxstatus.php page shows neither clientraw.txt nor testtags.php have been uploaded for a while.

You may have to change how you upload to your site.. it may require SFTP instead of FTP.  Look at the Weather-Display ftp log (View, FTP Log) to see the reason why it's not connecting/updating.
Ken True/Saratoga, CA, USA main site: saratoga-weather.org
Davis VP1+ FARS, Blitzortung RED, GRLevel3, WD, WL, VWS, Cumulus, Meteobridge
Free weather PHP scripts/website templates - update notifications on Twitter saratogaWXPHP

Offline tigerbait

  • Member
  • *
  • Posts: 40
    • Ellerbe Weather
Re: Cloudflare SSL
« Reply #2 on: February 21, 2023, 05:56:49 PM »
*******list of files uploaded********

*******actual messages from upload session********
***Start Time/date***:4:55:08 PM 2/21/2023
laz001.txt
Permanent connection selected
Permanent connection, will do ftp now
Finshed email agenda
Finshed email agenda, and more Internet agenda items to do....
Weather Display FTP/Internet vers 9.29
***Time/date***:4:55:10 PM 2/21/2023
Logging onto FTP server....sporttiger.com
Connecting to FTP server at 172.67.152.24:21.
[10060] Connection timed out
Failed to connect: [10060] Connection timed out
FTP error occured
FTP error, looking for next agenda item
Checking for next FTP agenda....
there are 1 more things to do
Doing ftp upload
All Agenda complete, doing FTP log off....
FTP logoff
143: Busy performing current action.
Doing abort procedure/program close...
https://www.sporttiger.com
Davis VP2 Weather Display
Saratoga scripts

Offline Vasco

  • Forecaster
  • *****
  • Posts: 324
    • PWS
Re: Cloudflare SSL
« Reply #3 on: February 21, 2023, 06:17:22 PM »
You may have to change how you upload to your site.. it may require SFTP instead of FTP

There is a setting for 'use SFTP' on the clientraw Real Time FTP upload page, but I have no idea about testtags. . .
Oregon Scientific WMR200 + Weather Display in Windows 10

Offline saratogaWX

  • Administrator
  • Forecaster
  • *****
  • Posts: 9244
  • Saratoga, CA, USA Weather - free PHP scripts
    • Saratoga-Weather.org
Re: Cloudflare SSL
« Reply #4 on: February 21, 2023, 07:36:20 PM »
I think it's worse than that.  It appears that by using Cloudflare free SSL cert, what happened is that sporttiger.com DNS now points to their IP space (likely to a HTTPS->HTTP relay to send requests back to your original IP address on a shared server.
They aren't sending back FTP (port 21) requests however.

You may need to change Weather-Display to use the IP address of your webserver at GoDaddy instead of 'sporttiger.com'.
Try changing the host for FTP to 23.229.227.199 (which was your IP address according to https://securitytrails.com/) and the address of your cpanel.
Ken True/Saratoga, CA, USA main site: saratoga-weather.org
Davis VP1+ FARS, Blitzortung RED, GRLevel3, WD, WL, VWS, Cumulus, Meteobridge
Free weather PHP scripts/website templates - update notifications on Twitter saratogaWXPHP

Offline tigerbait

  • Member
  • *
  • Posts: 40
    • Ellerbe Weather
Re: Cloudflare SSL
« Reply #5 on: February 21, 2023, 10:08:06 PM »
I've tried just about everything.  Removing Cloudflare name servers to get back to unsecured site.  Will look further into SSL over the weekend.
Thanks for all the help
https://www.sporttiger.com
Davis VP2 Weather Display
Saratoga scripts

Offline hcorrin

  • Contributor
  • ***
  • Posts: 126
    • Ballaugh Weather
Re: Cloudflare SSL
« Reply #6 on: February 22, 2023, 04:29:45 AM »
I have a shared sever on my host and it has a different ip address to the ftp server so need to find the ip address from godaddy for the ftp to put in WD and any ftp program you use

Offline 92merc

  • BismarckWeather.net
  • Forecaster
  • *****
  • Posts: 1307
  • BismarckWeather.net
    • BismarckWeather.net
Re: Cloudflare SSL
« Reply #7 on: February 22, 2023, 09:02:47 AM »
I'm using Let's Encrypt Certs with GoDaddy.  Here's the short story, but not so short.

I found a free program called Certify the Web.  It's a Windows software you install.  You go through the wizard for your site.  I use certs for other uses, so I added in both bismarckweather.net and *.bismarckweather.net to the wizard so I get a global cert to use on some home equipment.

There is one part in the program where you select how CTW updates DNS.  GoDaddy has an API.  If you Google the Google API, you get your own unique key that you put in the CTW program.  Then at the end you can test it and get a cert.

The last part is a bit more tricky.  The cert you get is not compatible with GoDaddy.  I have to install OpenSSL and run 2 commands to create 2 files.  You can then upload the 2 files to GoDaddy.

I did make a video on the last part of uploading to GoDaddy.  But the very first part I show in the video is no longer supported.  Which is why I went looking for CTW program.  I create a new cert every 60 days.

https://www.youtube.com/watch?v=YFqPiGUWHbY
https://www.BismarckWeather.net
Davis VP2, Cumulus, WeatherDisplay, Blitzortung, Saratoga Scripts, NOAA Stream via PI

Offline tigerbait

  • Member
  • *
  • Posts: 40
    • Ellerbe Weather
Re: Cloudflare SSL
« Reply #8 on: February 22, 2023, 09:34:57 AM »
Thanks for the info.  I will check it out.
https://www.sporttiger.com
Davis VP2 Weather Display
Saratoga scripts

Offline 92merc

  • BismarckWeather.net
  • Forecaster
  • *****
  • Posts: 1307
  • BismarckWeather.net
    • BismarckWeather.net
Re: Cloudflare SSL
« Reply #9 on: February 22, 2023, 10:56:50 AM »
This video comes pretty close to the tasks needed.

https://www.youtube.com/watch?v=jbGFY5PHXTE

In the section where she has "Update DNS Manually", you can get and use the GoDaddy API method if you can get your key.  That works much better.  Then you can skip the whole part where she tests the DNS entries.  Once you have the API configured, it takes a couple of minutes to complete, but it just works.

When she comes to the part about entering in the certificate info, you can do it manually like her.  Or there is a part where you can install each key manually by uploading them.  That's how my video shows it.  But either will do.

You can also skip the last two sections where she installs/configures WordPress and subdomains.  Those aren't really needed for just certificates.

One thing I did learn from this is it looks like CTW can do the conversion of PFX file into the 2 files I would need.  I'll have to test that this weekend.
https://www.BismarckWeather.net
Davis VP2, Cumulus, WeatherDisplay, Blitzortung, Saratoga Scripts, NOAA Stream via PI

Offline tigerbait

  • Member
  • *
  • Posts: 40
    • Ellerbe Weather
Re: Cloudflare SSL
« Reply #10 on: February 23, 2023, 02:59:55 PM »
Thanks for the information.  I’ll wait for your report on the PFX conversion
https://www.sporttiger.com
Davis VP2 Weather Display
Saratoga scripts