When replacing a SSL certificate and key in the SSL/TLS section I get the following error:
“The certificate chain you uploaded cannot be bundled using Cloudflare’s trust store. Please check your input and try again. (Code: 2100)”
Why is this? How do I troubleshoot this?
Additional information: I checked the certificate and chain PEM and this is correct according to https://tools.keycdn.com/ssl it is a valid chain.
Cloudflare support responded to me (in a private ticket) that most of the times this is caused by a mismatch in certificate and private key. In my case this wasn’t the case.
I turned out that one of the root certificates was not thrusted by Cloudflare.
I figured this out with the help of a tip from Cloudflare support: When you select “Bundle method” as “User Defined”, the certificate will be uploaded without error (at least if the certificate and key matches and are in the correct format). I then saw an SSL error in the browser of my website. When inspecting the certificate in the browser I saw that one of the root certificates was unthrusted.
Hope this helps others running into this issue.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.