Support » Plugin: Health Check & Troubleshooting » All sites with Cloudflare fail loopback and rest api checks

  • All sites that use the official Cloudflare plugin w/ Flex SSL result in two failed tests:

    -The REST API request failed due to an error.
    Error: [] cURL error 35: error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 unrecognized name

    -The loopback request to your site failed, this means features relying on them are not currently working as expected.
    Error: [] cURL error 35: error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 unrecognized name

    I haven’t experienced any issues with my sites and the /wp-json url is accessible with json data present.

    As far as I can tell, these failures only effect the health check score but otherwise seem ok to be ignored.

    *tested w/ plugin and w/out

Viewing 4 replies - 1 through 4 (of 4 total)
  • I don’t know. This plugin is blocking CURL or is it from another plugin. I don’t know why. Same error happening.

    Plugin Author Marius L. J.

    (@clorith)

    Hmm, that’s peculiar, does your Cloudflare have any logs about the attempt, judging by this, it looks like cURL on your server is unable to validate the certificate name.

    Hi,

    I got a different cURL error number, but I believe the underlying issue may be the same.

    My site uses Cloudflare. I was testing different SSL configurations and while trying to use Cloudflare-issued certs at the origin, Health Check would then always return a REST API error (cURL #60) related to SSL having a self-signed certificate, followed by the loopback request error.

    Cloudflare origin certificates are only supposed to work with Cloudflare itself, the visitors’ browsers never getting to it if the domain is proxied by Cloudflare.

    Visitor > Cloudflare SSL at the edge (Cloudflare datacenters); then
    Cloudflare > Cloudflare SSL at the origin (server at hosting provider)

    Cloudflare of course handles this magically, having its self-issued cert at the origin. But this kind of cert will not work for any other visitor (supposedly not welcome anyway, since not coming though the Cloudflare proxy).

    It doesn’t seem the REST API itself is prevented from working (at least for local requests), as I’ve tested with a plugin (Redirection) that depends on it to work and it didn’t have any issues.

    Is there any way to make HC accept self-signed certificates? Or else to force it to make the curl request over the internet, instead of locally, so that it reaches the same cert normal visitors will (CF Edge universal cert)?

    pingram

    (@pingram3541)

    I suspect the same or similar. I can see this error across multiple hosting platforms, in which sites that use Cloudflare’s FlexSSL w/ self signed certs each have the same Curl error 35 -> “unrecognized name” <- which I think is the biggest clue, but when I search this error up I am finding a different explanation related to an openSSL version mismatch between the WordPress installation reaching out (not through CF) and the response being processed back through CF vs directly w/ the WordPress installation.

    Not all sites using FlexSSL have this error. The ones I am finding that do not are on my own VPS systems running EasyEngine in which EE registers certs using Let’s Encrypt which means they are not self-signed.

    https://stackoverflow.com/questions/29808030/curl-error-35-error14077458ssl-routinesssl23-get-server-hellotlsv1-unreco

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.