Aareksio
commented
2 years ago This is an issue with your nginx configuration, thus out of scope for this project.
I checked your domain and it seems you are running flexible SSL setting on Cloudflare. Your nginx is configured to serve writing. subdomain on 80 port only, but the cloudflare is likely hitting your server on 443 attempting SSL. Since no server_name matches for 443, it uses the first declaration as default and serves your instance of chibisafe with invalid SSL certificate.
As CF is configured in flexible mode, it does not check the certificate and accepts the response, forwarding it to the client.
Solutions:
-
use rules to configure different SSL strategy for your subdomain - you need one that does not require SSL on server-side; On the other hand, you can update your root domain setting to "Strict" as LetsEncrypt is configured on the server;
-
create 443 server for your subdomain, you can obtain free SSL certificate from LetsEncrypt as you done for the main domain;
You may encounter issues attempting to implement either solution, CF SSL config is a bit tricky, so is requesting new cert for a domain which is currently not listening on 80... Good luck!
ghost
I have a chibisafe instance setup on my main domain without any subdomains. Today I tried to add a subdomain to my website that was for something different, set everything up in nginx, but the subdomain still resolves to chibisafe. Not sure if I'm doing anything wrong but I've included my nginx config file for reference. Unsure what other config files I'd need to include.
default(1).txt