My Site Suddenly Returns 526 (Invalid SSL Certificate)


#1

Hi,

Today, my site suddenly returned 526 (Invalid SSL Certificate), even though the certificate is still valid:
Found the following certs:
Expiry Date: 2019-04-29 15:09:42+00:00 (VALID: 55 days)
Certificate Path: /some/path/fullchain.pem
Private Key Path: /some/path/privkey.pem

Cloudflare’s SSL setting was usually “Full (Strict)”, and origin’s SSL certificate is provided by letsencrypt.

I had to change the SSL setting to “Full” to make it work again.

Anyone has any idea why this suddenly happened? Thanks.


#2

My guess would be the certificate expired. You said it still is valid, but are you referring to your certificate or Cloudflare’s?

Whats the domain for starters?


#3

Hi Sandro,

Thanks for the prompt reply.

I was referring to my site’s certificate (letsencrypt).
The domain is “webhook.boxify.io”.

Thanks.


#4

In that case the certificate shouldnt be considered invalid.

Would you feel comfortable to reveal your server’s IP address here?


#6

You can delete your posting now if you wish.

The certificate returned by the server expired two days ago. That explains the 526. Have you recently renewed the certificate?


#7

May I know how to check that?

I had force renewed before I changed the SSL setting to “Full”.

Now the validity is until:
Expiry Date: 2019-06-03 04:03:13+00:00 (VALID: 89 days).

Even though it is renewed, whenever I change back the SSL setting to “Full (Strict)”, it returns 526. Does it mean the certificate was not actually renewed?


#8

Did you restart the service after having renewed the certificate? Maybe it is still using the old one.


#9

Oh my, I forgot to restart the web service. It is OK now.

Thank you so much for the help and for your time.