Hi, I’m having issues adding my Cloudflare Origin Certificate to IBM Cloud in order to enable SSL between Cloudflare and IBM Cloud.
IBM Cloud allows for the following to be uploaded:
- Private key
- Intermediate certificate (optional)
- Client certificate trust store (optional)
I’ve tried adding the certificate and private key as-is, that brought about the error below.
Appending the Cloudflare Root Certificate RSA to the certificate (as stated in https://support.cloudflare.com/hc/en-us/articles/218689638-What-are-the-root-certificate-authorities-CAs-used-with-Cloudflare-Origin-CA-) results in a similar error as below.
When adding the SSL, I’ve been given the following error:
Add a SSL Certificate for goid.com.sg
The domain goid.com.sg is not supported by the certificate CN/SAN matches [static.goid.com.sg] and misses [CloudFlare Origin Certificate]."
I’ve contacted IBM Cloud support and they have replied as follows:
Basing on the message: The domain goid.com.sg is not supported by the certificate CN/SAN matches [static.goid.com.sg] and misses [CloudFlare Origin Certificate]." it looks you have 2 problems with this certificate:
the CN is missing ie: I run the command openssl x509 -in static.goid.com.sg.pem -text and it looks the CN is missing .
it misses the CloudFlare Origin Certificate I would suggest to contact the certificate issuer about how to fix this problem.
Basing on their https://support.cloudflare.com/hc/en-us/articles/218689638-What-are-the-root-certificate-authorities-CAs-used-with-Cloudflare-Origin-CA- they suggest to append the cloudflare_origin_rsa.pem over your static.goid.com.sg.pem but they did not mention detailed steps. More, you need to ask steps about how to add CN in your certificate.
Now I’m stumped on what to do.