Yesterday (2020-08-24) I’ve figured out that my website (insoftex . com) does not work. A browser shows a typical error 526: Invalid SSL certificate. (NB: all URLs here and bellow I type with spaces as Cloudflare forum does not allow me as a new user to add more than 2 links)
I haven’t touched Cloudflare settings for several months.
Before I had configured A record for (mail . insoftex . com) to bypass Cloudflare proxy. So, I can access SMTP and POP3 servers on Bluehost (my hosting provider) directly.
Bluehost support confirmed that there were no changes on their side.
I’ve searched on Cloudflare community forum and found posts about similar issues. Also, I’ve read this post: https://community . cloudflare . com/t/community-tip-fixing-error-526-invalid-ssl-certificates/44273
I’ve changed SSL/TLS encryption on Cloudflare from “Full (strict)” to “Full” and the website started working (although, some images are not loaded in Safari whereas no issues in Chrome and Firefox).
Then I’ve checked my original SSL certificate:
curl -svo /dev/null --resolve $DOMAIN:443:$IPADDRESS https://$DOMAIN/
And I’ve figured out a message:
- Server certificate:
- subject: CN=mail . insoftex . com
- start date: Aug 23 20:07:06 2020 GMT
- expire date: Nov 21 20:07:06 2020 GMT
- subjectAltName does not match insoftex . com
- SSL: no alternative certificate subject name matches target host name ‘insoftex . com’
It seems that my original IP address is associated with subdomain mail . insoftex . com but not the root domain insoftex . com.
Please advise how to properly configure Cloudflare settings for my domain and fix the issue.