Solved: Error 526 Invalid SSL Certificate

Better Stack Team
Updated on May 4, 2022

Problem

Cloudflare returns Error 526: Invalid SSL certificate.

Cause of the problem

Error 526 indicates that Cloudflare cannot validate the SSL certificate on the origin web server while the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.

Solution

  1. If the origin server is configured to use a self-signed certificate, install a valid certificate on your origin server. To check whether your origin has a self-signed certificate, run the following cURL command, replacing example.com with your domain and 123.123.123.123 with your origin IP.
 
curl -svo /dev/null --resolve example.com:443:123.123.123.123 https://example.com/

The response from an origin server with a self-signed certificate will contain "SSL certificate problem: self signed certificate". A self-signed certificate secures the connection between Cloudflare and your origin but will cause a 526 error when you try to connect to the origin directly.

  2. Check to make sure the certificate hasn’t expired, the certificate isn’t revoked, and that the certificate is signed by a certificate authority.
  3. Check to make sure the requested domain name (hostname) is in the certificate’s Common Name or Subject Alternative Name (SAN) configuration.
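
The checks in the list above can be run in one pass against the origin. The following Python script is an added example, not part of the original article or of Cloudflare's tooling; the names `check_origin`, `diagnose` and `CAUSES` are this example's own. It assumes validation against the local system trust store, which may differ from the store Cloudflare uses, and it does not check revocation by default.

```python
import socket
import ssl
import sys

# OpenSSL X.509 verify codes mapped to the checks listed in this article.
# Code 23 (revoked) only occurs if the context is configured with CRLs;
# Python's default context does not check revocation.
CAUSES = {
    9: ("not_yet_valid", "check the certificate's start date"),
    10: ("expired", "renew the certificate on the origin"),
    18: ("self_signed", "install a CA-signed certificate on the origin"),
    19: ("self_signed", "install a CA-signed certificate on the origin"),
    20: ("untrusted_issuer", "use a certificate signed by a certificate authority"),
    21: ("untrusted_issuer", "use a certificate signed by a certificate authority"),
    23: ("revoked", "replace the revoked certificate"),
    62: ("hostname_mismatch", "reissue with the domain in the CN or SAN"),
}


def diagnose(verify_code, verify_message=""):
    """Translate an OpenSSL verify failure into a cause and a fix."""
    cause, fix = CAUSES.get(verify_code, ("other", "read the OpenSSL message"))
    return {"ok": False, "cause": cause, "fix": fix,
            "detail": f"{verify_code}: {verify_message}"}


def check_origin(hostname, origin_ip, port=443, timeout=5.0):
    """Handshake with origin_ip while sending hostname as SNI, like curl --resolve."""
    ctx = ssl.create_default_context()  # system trust store, hostname check enabled
    try:
        with socket.create_connection((origin_ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                not_after = tls.getpeercert()["notAfter"]
        return {"ok": True, "cause": None, "fix": None,
                "detail": f"valid until {not_after}"}
    except ssl.SSLCertVerificationError as exc:
        return diagnose(exc.verify_code, exc.verify_message)
    except OSError as exc:  # refused, timed out, or a non-certificate TLS failure
        return {"ok": False, "cause": "connection_failed",
                "fix": "check the IP, port and TLS configuration", "detail": str(exc)}


if __name__ == "__main__":
    # Usage: python check_origin.py example.com 123.123.123.123
    print(check_origin(sys.argv[1], sys.argv[2]))
```

A result with `"ok": True` means the origin certificate passed the expiry, issuer and hostname checks from this machine's point of view.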

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
