NET::ERR_CERT_AUTHORITY_INVALID not sure what the problem is anymore

kenjibailly · December 6, 2020, 2:21pm

Hello,

I have recently had a crash on my raspberry pi where I host my website with apache2 in a docker container.
I have everything put back into place, but the ssl certificate is giving an error and I don’t know why anymore.
I have linked my server.pem and server.key file in apache2, that seems to be working as the error matches the .pem file.
I’m not using a proxy version, but a DNS only for specific reasons. This was also the case before my crash, nothing has changed there. The only thing I changed is the certificate files as those I had lost and had to regenerate.
Could someone perhaps point me in a direction for more debugging or a solution?
Also I wait quite some time in between changes, but even after a few times of sleep and renewing the certificates, nothing has changed up till now.

Also sorry if this would point out to be an apache2 configuration problem, I’ve been going over the config and have also remade the webserver a few times now. It’s pretty safe to say I’m clueless at this point which party I would need to look into to resolve the issue.

My domain: https://kenjibailly.xyz

Thanks in advance

EDIT: I have tried to use another ssl certificate and that one seems to work perfectly fine. The only difference is that the file issued from that other website is a .crt file and not a .pem. I know I got it to work before with cloudflare. So my webserver config is working at least. That I can tell for sure now.

sandro · December 6, 2020, 2:44pm

In that case you had an invalid certificate before. With the updated one now it loads just fine. Keep that certificate in place, make sure you renew it whenever necessary, and you should be good.

kenjibailly · December 6, 2020, 4:04pm

Yes now it’s working cause I’m using a different website with a free SSL certificate that is only valid for 90 days. I’d like to use the SSL certificates from cloudflare as they were setup before.
I can’t get it to work :s

sandro · December 6, 2020, 4:06pm

What Cloudflare certificate did you use before? Where did you get this?

kenjibailly · December 7, 2020, 11:22pm

I got it from my dashboard > SSL / TLS > Origin Server > Create Certificate (default options)
Copied over the .pem and .key that it provides.

sandro · December 7, 2020, 11:23pm

That certificate would work just fine, however you’ll need to have that in a proxied context as otherwise you’ll get exactly that error message. Origin certificates are only trusted by the proxies, not browsers.

system · December 10, 2020, 3:41pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.