Hello, I am trying to create a website, but I can’t get Let’s Encrypt to work.
I am using the acme/autocert library from crypto. I also use Cloudflare for my domain, and I get the SSL to work properly if I disable Cloudflare for the domain, so that the traffic goes directly to my server instead of going through Cloudflare.
But once I turn Cloudflare back on I get this error message:
2017/04/11 06:06:35 http: TLS handshake error from 172.68.182.83:13617: acme: identifier authorization failed
On Cloudflare I set the SSL to Full so that the encrypted traffic goes from the client to Cloudflare and to the server, but it’s still not working.
Am I doing something wrong, or does acme not support Cloudflare for some reason?
The connection between the visitor and Cloudflare is completely managed by Cloudflare. They deal with proper certificates, etc.
The connection between Cloudflare and your server (i.e., the origin server) is managed by you.
When you are using this setup, the ACME TLS verification will NOT work because Cloudflare is responding for the domain, not the origin server. Thus your error message.
Self-signed certificates on the origin server are sufficient for Cloudflare’s Full SSL setup. Visitors will not see the origin server’s certs, only Cloudflare’s.