SSL error on Custom Domain

Hi,

I recently set up a custom domain on one of my Glitch projects (added CNAME using Dreamhost’s DNS). The custom domain seems to work through unencrypted http ( http://www.craigfahner.com ) but gives me an SSL error when using https ( https://www.craigfahner.com ). The error in Chrome reads ERR_SSL_PROTOCOL_ERROR

Am I missing some steps here? Or is this taking longer than usual to propagate?

Thanks!

Hi there Craig!
Welcome back to the Glitch Community! :slight_smile: :glitch:
That’s weird… I see you are using Dream Host’s DNS. I would really recommend you use Cloudflare. It’s free and it works great with Glitch, especially SSL. You can sign up here: https://dash.cloudflare.com/sign-up
If you do use it, please make sure you are using Flexible SSL (this could also be your problem now if Dream Host also needs this to change somehow) as Full won’t work with Glitch
Hope this helps!
P.S. This probably won’t be a problem with Glitch, but instead your DNS configuration
Eddie
@crafah

Thanks! I’m going to give this a try. Quick question (as I know next to nothing about DNS) - I have a bunch of Dreamhost-hosted subdomains on the same domain name, is this going to disrupt those, which are working totally fine?

Edit: Tried it. I assume I should wait until the DNS changes propagate, but for now it appears that:

https://www.craigfahner.com IS working
https://craigfahner.com is still not working (using A record with glitch.edgeapp.net’s IP address) it IS working now, just took some time.
and my subdomains are all broken with a “too many redirects” error. fixed this by disabling Dreamhost’s own HTTPS redirect in my certificate settings

Both work for me :tada:
I would also, now that you are using Cloudflare, stop using an A record for glitch.edgeapp.net, you can just make CNAME records. This will be useful just in case the IP changes and is best practise
Glad I could help! :slight_smile:
Eddie

1 Like

My understanding is I can’t use a CNAME for the bare domain (https://craigfahner.com vs https://www.craigfahner.com) - the Glitch custom domain guide notes this and suggests using an A record to access the bare domain. Perhaps there’s a way of setting this up with Cloudflare to redirect the bare domain to the www subdomain?

Cloudflare use something fancy called CNAME Flattening which means that you can add a CNAME for the root domain, this is recommended and Glitch says that

most registrars won’t allow [A Records on root domains]

but Cloudflare do :slight_smile:

2 Likes

Is there a reason why Full SSL on Cloudflare wouldn’t work, since Glitch seems to provide Lets Encrypt certs on projects accessed via https?

There’s no harm in trying it, just change the setting, just some people have had Handshake errors when on Full SSL :slight_smile:

Yep, I get a handshake error when I switch to Full. Frustratingly I am intermittently still getting an SSL error on https://www.craigfahner.com under Flexible SSL, and curiously it doesn’t replicate across browsers. Is this just a caching issue, or could it be a configuration problem (conflicting DNS records?)

Yeah. I think it’s just DNS propagation and cache. You see, for me, it didn’t work at first until I changed my DNS to 1.1.1.1 (Cloudflare’s DNS - this connects directly to their DNS so will give better results if you are changing DNS records) because I had already viewed your site before that with the error.

2 Likes