I am trying to use Cloudflare SSL with my Azure app on a small basic service plan. I have the SSL set to Flexible in the Cloudflare Crypto tab. The status is Active Certificate.
In the Cloudflare DNS tab I have the orange cloud for the A record and CName record for my domain.
A mywebsite.com.au points to XX.XX.XXX.XXX
CNAME www is an alias of mywebsite.azurewebsites.net
In Azure Custom Host Names I have a binding for www.mywebsite.com.au and mywebsite.com.au
when I go to https://www.mywebsite.com.au I get an error
unsupported protocol: The client and server don't support a common SSL protocol version or cipher suite.
I also get the error for https://mywebsite.com.au/
If I switch the orange cloud to a grey cloud for the www CName record in CloudFlare, then I get a different error
Your connection is not private
This server could not prove that it is www.mywebsite.com.au; its security certificate is from *.azurewebsites.net. This may be caused by a misconfiguration or an attacker intercepting your connection.
HTTPS Only is Set to OFF in the Azure Custom Host Names.
If I set the A record cloud in CloudFlare to Orange then
https://mywebsite.com.au/ reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH
If I set it to grey (DNS Only) then the website shows with the https crossed out and the words Not Secure
[Update] After clearing the chrome cache and waiting some time both
mywebsite.com.au and https:\mywebsite.com.au started to work with the orange cloud on the a record in cloudflare DNS
I had used dig with trace which showed the CloudFlare Name servers indicating that my change of the DNS to Cloudflare had gone through earlier.
The other thing I had done was to delete the www CName from CloudFlare DNS and www.mywebsite.com.au from the Azure Custom Host Names.
I have since been able to get the www working using the cname flattening work around given in Stephen Cleary's answer to this question
