HTTPS not working for AWS load balancer, also Cloudflare CNAME for @ is not working but anything else works

I have an EC2 instance with a load balancer. The load balancer has an issued SSL certificate, and it says it's active. I will post screenshots of all my settings. The site works on HTTP just fine. I'm just not sure how to debug at this point. I have got HTTPS working this way before, but I'm not sure why it's not working now.

Also not sure why just hitting yobuzzer.com with the CNAME is not working, but dev.yobuzzer.com works.

Even when I visit https://yobuzzer-171342802.us-east-1.elb.amazonaws.com/ I get not secure

Thanks ahead of time

[Screenshot: listeners setup]

[Screenshot: DNS settings]

[Screenshot: security groups]

(Anyone visiting the URL: I restarted my server, so I think the health check saw that, and it's down currently, but it should come back up.)


Solution 1:

> Also not sure why just hitting yobuzzer.com with the cname is not working, but dev.yobuzzer.com works

You can't use a CNAME on the root domain (yobuzzer.com); you can only use a CNAME on a subdomain (www.yobuzzer.com, dev.yobuzzer.com, etc.). The root domain should only use A or AAAA.

On Cloudflare, though, they can flatten a CNAME on the root domain, technically querying the A record from the CNAME target and serving that to your root domain as an A record.

Try checking your DNS propagation using dig or nslookup.

$ dig +noall +answer yobuzzer.com
$ nslookup yobuzzer.com

> Even when I visit https://yobuzzer-171342802.us-east-1.elb.amazonaws.com/ I get not secure

That site has an SSL certificate with the CN assigned to yobuzzer.com, instead of yobuzzer-171342802.us-east-1.elb.amazonaws.com. Try accessing yobuzzer.com from your browser.

$ openssl s_client -connect yobuzzer-171342802.us-east-1.elb.amazonaws.com:443
CONNECTED(00000004)
depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
verify return:1
depth=1 C = US, O = Amazon, OU = Server CA 1B, CN = Amazon
verify return:1
depth=0 CN = yobuzzer.com
verify return:1
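
The name mismatch described in the answer can be reproduced offline. The following is an added example, not part of the original answer: it builds a constructed throwaway certificate that names only yobuzzer.com and tests both hostnames with `openssl x509 -checkhost`. The function names and the self-signed certificate are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example: why the ELB hostname is reported as "not secure" while the
# certificate chain itself verifies fine.

# Constructed stand-in for the load balancer's certificate: a throwaway
# self-signed cert whose only name is yobuzzer.com (as in the s_client output).
make_demo_cert() {
  dir=$(mktemp -d) || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=yobuzzer.com" \
    -addext "subjectAltName=DNS:yobuzzer.com" \
    -keyout "$dir/key.pem" -out "$dir/cert.pem" >/dev/null 2>&1 || return 1
  printf '%s\n' "$dir/cert.pem"
}

# Succeeds only if the certificate file $1 is valid for hostname $2.
# The verdict is parsed from openssl's printed message instead of relying
# on its exit status.
cert_covers_host() {
  openssl x509 -in "$1" -noout -checkhost "$2" | grep -q "does match certificate"
}

# The same check against the live endpoint (needs network, so not run here):
#   openssl s_client -connect yobuzzer-171342802.us-east-1.elb.amazonaws.com:443 \
#     -servername yobuzzer.com </dev/null 2>/dev/null |
#     openssl x509 -noout -checkhost yobuzzer.com

cert=$(make_demo_cert)
for host in yobuzzer.com yobuzzer-171342802.us-east-1.elb.amazonaws.com; do
  if cert_covers_host "$cert" "$host"; then
    echo "$host: name matches certificate"
  else
    echo "$host: name mismatch, browser reports 'not secure'"
  fi
done
```

A chain that verifies (`verify return:1`) only shows the certificate was issued by a trusted CA; the browser additionally requires the hostname in the URL to appear in the certificate.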