Hi @gaunt fable. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
#Cloudflare ssl
rugged badgerBOT
I'm sorry to hear that you're having trouble with your website. Based on the information provided, it seems like you might be experiencing issues with your SSL configuration or DNS settings on Cloudflare. Here are some steps you can take to troubleshoot the issue:
-
Verify your domain: When adding a custom domain to Vercel, it must go through a process of verification. This process involves changing DNS records. Once DNS records have been changed, they can take a while to propagate. A custom domain added to Vercel will appear as unverified until this process is complete and full propagation has been achieved. source (https://vercel.com/guides/why-is-my-vercel-domain-unverified)
-
Check your SSL/TLS settings on Cloudflare: To fix the issue, you need to set the "SSL/TLS" option in Cloudflare to "Full (strict)". It is important to also follow the instructions in the Cloudflare guide so the domain keeps working without any issues. source (https://vercel.com/guides/resolve-err-too-many-redirects-when-using-cloudflare-proxy-with-vercel)
-
Check your Cloudflare integration: Both Cloudflare and Vercel utilize the ACME protocol—with SSL providers like Let’s Encrypt—to issue certificates. To validate domain ownership, the protocol sends an HTTP (not HTTPS) request to
/.well-known/acme-challenge/<id>on your server. Cloudflare has a variety of services that, depending on their configuration, could block the ACME protocol verification checks, resulting in Vercel failing to issue TLS certificates properly. source (https://vercel.com/docs/integrations/cloudflare)
- Check for common SSL certificate issues: There are many reasons why a certificate may not be generated. As the first starting point, we recommend testing your domain with Let's Debug and DNSViz. For non-wildcard domains, we use HTTP-01 challenge by default, which Vercel handles automatically by intercepting the challenge requests from Let's Encrypt to your domain as long as the domain points to Vercel. source (https://vercel.com/docs/projects/domains/troubleshooting)
If you're still having trouble after trying these steps, I would recommend reaching out to Vercel or Cloudflare support for further assistance.
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
gaunt fable
@rugged badger I host the bot on a dedicated sevrer
rugged badgerBOT
Let me check the knowledge base for you. One moment! :books:
Based on the information provided in the extracts, you can host your Next.js application on a dedicated server in three different ways:
- Node.js Server: Next.js can be deployed to any hosting provider that supports Node.js. You need to ensure your
package.jsonhas the"build"and"start"scripts. Then, runnpm run buildto build your application andnpm run startto start the Node.js server. This server supports all Next.js features. source (https://nextjs.org/docs/pages/building-your-application/deploying#self-hosting)
{
"scripts": {
"dev": "next dev",
"build": "next build",
"start": "next start"
}
}
- Docker Container: Next.js can be deployed to any hosting provider that supports Docker containers. You can use this approach when deploying to container orchestrators such as Kubernetes or when running inside a container in any cloud provider. source (https://nextjs.org/docs/pages/building-your-application/deploying#self-hosting)
# Build your container
docker build -t nextjs-docker .
# Run your container
docker run -p 3000:3000 nextjs-docker
- Static Export: Next.js supports static export, so it can be deployed and hosted on any web server that can serve HTML/CSS/JS static assets. This includes tools like AWS S3, Nginx, or Apache. However, running as a static export does not support Next.js features that require a server. source (https://nextjs.org/docs/pages/building-your-application/deploying#self-hosting)
Please note that if you decide to use a custom server, it should only be used when the integrated router of Next.js can't meet your app requirements. A custom server will remove important performance optimizations, like serverless functions and Automatic Static Optimization. Also, a custom server cannot be deployed on Vercel. source (https://nextjs.org/docs/pages/building-your-application/configuring/custom-server)
If you're self-hosting and using Next.js Image Optimization, you'll need to install the optional package sharp, which Next.js will use to optimize images. Optimized images will require more available storage on your server. source (https://vercel.com/docs/workflow-collaboration/conformance/rules/NEXTJS_USE_NEXT_IMAGE)
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
gaunt fable
I use the dedicated server to host the website but I am having issues setting up the website with cloudflare ssl
@rugged badger
rugged badgerBOT
Let me check the knowledge base for you. One moment! :books:
Based on the information provided in the extracts, here are some steps you can follow to set up your website with Cloudflare SSL:
-
Set up DNS Records: In your Cloudflare dashboard, create a CNAME record pointing your domain to
cname.vercel-dns.com. source (https://vercel.com/docs/integrations/cloudflare) -
Enable Cloudflare Proxy: Enable the Cloudflare proxy to send traffic through Cloudflare first. source (https://vercel.com/docs/integrations/cloudflare)
-
Set Cloudflare SSL/TLS Encryption Mode: Set Cloudflare SSL mode to Full to encrypt traffic between Cloudflare and your server. source (https://vercel.com/docs/integrations/cloudflare)
-
Check for ACME protocol verification checks: Both Cloudflare and Vercel utilize the ACME protocol—with SSL providers like Let’s Encrypt—to issue certificates. To validate domain ownership, the protocol sends an HTTP (not HTTPS) request to
/.well-known/acme-challenge/<id>on your server. Cloudflare has a variety of services that, depending on their configuration, could block the ACME protocol verification checks, resulting in Vercel failing to issue TLS certificates properly. To avoid disruption, the path<http://<YOUR_DOMAIN>/.well-known/acme-challenge/*> must be excluded from page rules, bot protection, or bypassed inside Access. source (https://vercel.com/docs/integrations/cloudflare)