When setting up a new cert for our website, we get an error: NET::ERR_CERT_AUTHORITY_INVALID. Checking an SSL checker (SSL Checker) gives us another error, stating “One of the root or intermediate certificates has expired” and the expired certificate was issued by CloudFlare. I set up this certificate today, as you can see it expires on August 19, 2036. Have also tried installing the CloudFlare Origin RSA PEM as directed by https://developers.cloudflare.com/ssl/origin-configuration/origin-ca#4-required-for-some-add-cloudflare-origin-ca-root-certificates.

Ideas?

Both of those Origin CA Root Certs from the article you linked to expire in 2029. Can you try adding the RSA cert again?

We already tried that. But in the name of troubleshooting here are the steps we just took after your reply:

1. Logged into cPanel
2. Click SSL/TLS
3. Click Generate, view, upload, or delete SSL certificates
4. The Origin CA Root Cert shows as expiring 8/15/29 and says - Self Signed - as issuer
5. Deleted cert
6. Tried site again, still no SSL
7. Tried SSL Checker again, still same error

Did NOT reinstall RSA cert again. Thing is, this morning things were working fine without the RSA Cert and our original CF cert from May that expired in May 2036. I uninstalled and deleted that cert and created a new one and we get that intermediate cert has expired error message still, even with the new cert that expires in August 2036.

OK, We have it all squared now. We figured out the issue. Our DNS records were not Proxied, we changed that and the certs are valid now and everything is working as it should. Sometimes it’s the simple things. Thanks

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.