I’m pretty confused at the moment, I was seeing a bunch of 526 errors earlier today even though my SSL/TLS encryption mode is Full, not Full (strict), what gives?
While the issues was happening:
If I bypass Cloudflare with curl, then the site is fine so long as I use the --cacert flag with curl.
The default virtualhost used the same self-signed cert as the virtualhost Cloudflare should be accessing.
I was able to fix it by setting my default virtualhost in apache to the virtualhost that serves the site that was seeing the errors, but that doesn’t seem like it should be neccesary, why isn’t Cloudflare traffic recognized as being for the appropriate virtualhost?