Solved: Error 526 Invalid SSL Certificate

SSL certificate Error
Better Stack Team
Updated on May 4, 2022

Problem

Getting Error 526: Invalid SSL certificate Cloudflare error.

Cause of the problem

Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.

Solution

  1. If the origin server is configured to use a self-signed certificate, install a valid certificate on your origin server. To test to see if your origin has a self-signed certificate, run the following cURL command and replace the http://example.com with your domain and 123.123.123.123 with your origin IP.
 
curl -svo /dev/null --resolve example.com:443:123.123.123.123 https://example.com/

The response from an origin server with a self-signed certificate will contain SSL certificate problem: self signed certificate. A self-signed certificate secures the connection between Cloudflare and your origin but will cause a 526 error when you try to connect to the origin directly.

  1. Check to make sure the certificate hasn’t expired, the certificate isn’t revoked, and that the certificate is signed by a certificate authority
  2. Check to make sure the requested domain name (hostname) is in the certificate’s Common Name or Subject Alternative Name (SAN) configuration
Got an article suggestion? Let us know
Explore more
SSL certificate Error
Solved: Error:0D0680A8 : asn1 encoding routines: ASN1_CHECK_TLEN: wrong tag
This error is due to an invalid certificate format installed on the Apache webserver.
Questions
Solved: ERR_SSL_VERSION_OR_CIPHER_MISMATCH
When you are accessing the HTTPS secured website a series of steps is taken in the background to ensure that the connection is safe and trusted. Some of these steps consist of checking certificates. If the browser does not believe that the connection would be secure it displays this error.
Questions
Solved: Invalid command ‘SSLEngine
This frequently happens on fresh Apache servers. When Apache starts it reads through the configuration files. When it encounters `SSLEngine` directive, it considers it as unknown. This is caused by the fact that the server’s basic configuration does not have `mod_ssl` module installed or enabled.
Questions
SSL Certificate Problem: Unable to get Local Issuer Certificate
If you get SSL certificate problem: unable to get local issuer certificate error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.
Questions
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Make your mark

Join the writer's program

Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.

Write for us
Writer of the month
Marin Bezhanov
Marin is a software engineer and architect with a broad range of experience working...
Build on top of Better Stack

Write a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our email.

community@betterstack.com

or submit a pull request and help us build better products for everyone.

See the full list of amazing projects on github