Origin CA Issuer: Origin CA Key expired without notice, leading to 526 errors

Answer these questions to help the Community help you with Security questions.

What is the domain name?

Have you searched for an answer?

Please share your search results url:

When you tested your domain, what were the results?
Error 526: Invalid SSL certificates

Describe the issue you are having:
Our Origin CA Issuer running in our Kubernetes cluster uses the Origin CA Key to issue new certificates before the old ones expire. However, the Origin CA Key expired without notice and we started getting authentication errors when trying to issue new certificates. We cannot afford this downtime so we would like to know how to ensure that our Origin CA Key remains valid at all times.

What error message or number are you receiving?
526 when hitting domain. Authentication error (Code: 10000) when attempting to issue certificates

What steps have you taken to resolve the issue?

  1. Update Origin CA Key used by Origin CA Issuer.
  2. Issue new certificates

Was the site working with SSL prior to adding it to Cloudflare?
It was always on cloudflare, and working previously

What are the steps to reproduce the error:
Use an invalid Origin CA Key.

Have you tried from another browser and/or incognito mode?

Please attach a screenshot of the error:

A similar topic appeared in the Community today.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.