Getting Error 526: Invalid SSL certificate Cloudflare error.
Cause of the problem
Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.
- If the origin server is configured to use a self-signed certificate, install
a valid certificate on your origin server. To test to see if your origin has
a self-signed certificate, run the following cURL command and replace the
http://example.comwith your domain and
18.104.22.168with your origin IP.
curl -svo /dev/null --resolve example.com:443:22.214.171.124 https://example.com/
The response from an origin server with a self-signed certificate will
SSL certificate problem: self signed certificate. A self-signed
certificate secures the connection between Cloudflare and your origin but will
cause a 526 error when you try to connect to the origin directly.
- Check to make sure the certificate hasn’t expired, the certificate isn’t revoked, and that the certificate is signed by a certificate authority
- Check to make sure the requested domain name (hostname) is in the certificate’s Common Name or Subject Alternative Name (SAN) configuration
SSL Certificate Problem: Unable to get Local Issuer Certificate
If you get SSL certificate problem: unable to get local issuer certificate error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.Questions
When you are accessing the HTTPS secured website a series of steps is taken in the background to ensure that the connection is safe and trusted. Some of these steps consist of checking certificates. If the browser does not believe that the connection would be secure it displays this error.Questions
Solved: Invalid command ‘SSLEngine
This frequently happens on fresh Apache servers. When Apache starts it reads through the configuration files. When it encounters `SSLEngine` directive, it considers it as unknown. This is caused by the fact that the server’s basic configuration does not have `mod_ssl` module installed or enabled.Questions
Solved: Error:0D0680A8 : asn1 encoding routines: ASN1_CHECK_TLEN: wrong tag
This error is due to an invalid certificate format installed on the Apache webserver.Questions
Make your mark
Join the writer's program
Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.Write for us
Build on top of Better Stack
Write a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our firstname.lastname@example.org
or submit a pull request and help us build better products for everyone.
See the full list of amazing projects on github