Hi there,

I have an origin certificate that I generated from Cloudflare that expires on 2035-07-02 that I downloaded and added to my server.

The hosts listed on this certificate are:

*.domain.com, domain.com (ssl_tls.crypto_hosts)

The status of this certificate is active and I ran my subdomain through https://www.sslshopper.com/ssl-checker with 0 errors.

I have my encryption set to full (strict) and my full domain (domain.com) works as expected, however my subdomain (sub.domain.com) is throwing a 526 error.

I’ve spent two days on this and am out of ideas. Can someone help me understand why my configuration is causing an error only on my subdomain?


It sounds like the subdomain isn’t using the origin certificate. Does it work in Full (not strict) mode?

If you :grey: that subdomain and wait five minutes, you should be able to hit that website, get a cert error, then take a look at the offending certificate to see if it’s the Cloudflare one, or a self-signed one from your host.

It goes to a 404 error page in full (not strict) mode, which is unexpected since these website files haven’t been touched and it was resolving fine when I was using a Let’s Encrypt certificate a few hours ago.

I’ll try this and see if I can get more info on the cert. I looked at the cert on my subdomain and it looks like the same one on my full domain, but maybe this will give me more info.


That helped me find the solution. I saw the wrong certificate on the subdomain after that. Then I checked my server and saw that I didn’t set up that origin certificate on that sub, just the full domain. Face palm.

Thanks for the help.
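The check that resolved this thread can also be run against the origin directly, without changing the proxy setting. This is an added example, not code from any poster in the thread: it fetches the certificate the origin serves for each SNI hostname and reports the hostnames whose certificate differs from the apex domain's. The function names, the sample fingerprints and the origin IP `203.0.113.10` are constructed placeholders.

```python
import hashlib
import socket
import ssl


def origin_cert_fingerprint(origin_ip, hostname, port=443, timeout=5.0):
    """SHA-256 of the leaf certificate the origin serves for this SNI name."""
    ctx = ssl.create_default_context()
    # Diagnosis only: validation is off so the certificate can be inspected
    # even when it is self-signed or issued for a different hostname.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((origin_ip, port), timeout=timeout) as raw:
        # server_hostname sets SNI, which is how the web server picks the
        # virtual host (and therefore the certificate) to answer with.
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            der = tls.getpeercert(binary_form=True)
    return hashlib.sha256(der).hexdigest()


def find_mismatched_hosts(fingerprints, reference_host):
    """Hosts whose served certificate differs from reference_host's."""
    expected = fingerprints[reference_host]
    return sorted(h for h, fp in fingerprints.items() if fp != expected)


# Constructed sample: the apex and www serve one certificate, while the
# subdomain's virtual host still serves a different one.
SAMPLE_FINGERPRINTS = {
    "domain.com": hashlib.sha256(b"constructed origin cert").hexdigest(),
    "www.domain.com": hashlib.sha256(b"constructed origin cert").hexdigest(),
    "sub.domain.com": hashlib.sha256(b"constructed other cert").hexdigest(),
}

if __name__ == "__main__":
    print(find_mismatched_hosts(SAMPLE_FINGERPRINTS, "domain.com"))
    # Live use against your own origin (placeholder IP):
    # hosts = ["domain.com", "sub.domain.com"]
    # fps = {h: origin_cert_fingerprint("203.0.113.10", h) for h in hosts}
    # print(find_mismatched_hosts(fps, "domain.com"))
```

A hostname reported here is served by a virtual host that has not been given the origin certificate, which is the condition the original poster found on the subdomain.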

