0

I have an Azure virtual machine running IIS. The DNS goes through Cloudflare and I have turned SSL on there. However, when I visit https://www.reainvite.com.au I get "This site can’t be reachedwww.reainvite.com.au took too long to respond."

Below is a video covering all my setup

https://youtu.be/vi7ksa7Y8Qc

Can anyone let me know what to do?

Petras
  • 249
  • 1
  • 4
  • 13

1 Answers1

1

You are selecting Full End-to-End encryption for your Cloudflare setup.

This means Cloudflare is expecting to connect to an encrypted server, and proxy that connection to the end user. This means your back-end server, the IIS VM, needs a certificate installed, and needs to be bound to 443.

If you do not want to, or cannot, install the cert on your VM, you cannot use Full end-to-end encryption, and will need to select Flexible e2e.

This Cloudflare help article provides an overview of how E2E encryption works, and what is required to get things working.

RobbieCrash
  • 1,181
  • 9
  • 26
  • Thanks that has helped my understanding but not quite fixed it. See 1-minute video on the current states of system https://youtu.be/l9777nCIVUc – Petras Oct 10 '20 at 01:59
  • Are you able to browse the site over http if you connect to the VM's public IP? – RobbieCrash Oct 10 '20 at 07:54
  • You can see the site via IP here http://52.253.89.211/ But the https https://52.253.89.211/ still times out – Petras Oct 12 '20 at 01:45
  • That's ok, https to that address should fail. When I do a DNS lookup, your website is pointed to that IP address, not to Cloudflare. Do you have the Cloudflare proxy disabled, or set to DNS Only for the main address? – RobbieCrash Oct 12 '20 at 05:26
  • I have changed the CloudFlare setting to A records to Proxied:- A reainvite.com.au 52.253.89.211 Auto Proxied A www 52.253.89.211 Auto Proxied Still no luck – Petras Oct 13 '20 at 01:10
  • Looks like you've figured it out between your last post and now. I'm able to connect to the site over https. Can you clarify what you had to do to get things working? – RobbieCrash Oct 14 '20 at 02:08
  • 1
    You are right, but I only found this out when I checked after reading your answer. It wasn't working when I performed the last action. Perhaps the DNS takes time to update. Anyway, steps were the Flexible option in CloudFlare SSL and proxied in DNS at CloudFlare. Thanks for your awesome help. – Petras Oct 15 '20 at 03:09
  • Happy to help! Thanks for clarifying what you had to do. You may want to look at restricting inbound http traffic to your VM, so that only Cloudflare can connect directly to your server. Cloudflare's IP addresses are listed here: https://www.cloudflare.com/ips/ – RobbieCrash Oct 16 '20 at 11:39