AWS ACM minted certificate, strict SSL

What is the name of the domain?

akccis.com

What is the error number?

526

What is the issue you’re encountering?

ACM origin certificates seen as invalid

What steps have you taken to resolve the issue?

I want to use ACM managed certificates on my domain but CF will not use them in strict mode. I prefer to use ACM certs for auto renewal as opposed to managing origin certs manually.

I enabled advanced cert manager on this domain so I could upload my own CA certs but that has not seemed to make a difference. I can’t upload the entire chain to advanced cm, it will only allow me to upload root CA certs.

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

enable strict, enjoy 526 error

Can you pause Cloudflare?

Yes, it works without issue not going through Cloudflare, the AWS certs are valid and trusted by browsers.

The domain is currently not paused.

Ok, I paused it again

It is, but the server does not respond at all

sitemeer.com/#1999595628bd709ca5a0c70f2c303bdbd0a632e7

Where does sitemeer source from? My site is geo blocked locally

Can you drop the firewall rules for now?

I cannot, but you got me on a path. For some reason it seems it was seeing the wildcard CN on the ACM cert as a mismatch. I will need to look into that, but all seems well now.

Sure. Essentially, it should load fine in the browser without Cloudflare. Once it does, it will also work with Cloudflare.
