Origin Cert causes ERR_CERT_AUTHORITY_INVALID after 3 years


I have a site that has been running fine using an origin cert for three years.

The site is now generating ERR_CERT_AUTHORITY_INVALID errors.

The site can be accessed by “proceeding unsafely” with a certificate exception.

The origin cert still has 10 years before expiration.

Cloudlare IP ranges were last updated in September.

I have tried pointing cloudflare at a different instance and it hasn’t resolved the issue.

Any idea what is happening or what to look at?


It sounds as if you were connecting directly to your machine. Origin certificates are only valid in a proxied context. Did you unproxy or change something locally?

What’s the domain?

No changes (although I have updated to a new ip to pointing to a different server to try and fix it).

The A record for the IP address says it is proxied.

It sounds as if you were connecting directly to your machine

It does seem like that is happening. The origin cert is visible in the browser.

The domain is properly configured and goes via the proxies, so the Origin certificate should never be presented to the client. Loading the site also shows the right certificate.

This must be a local issue on your end. Either your DNS resolver has some outdated value or you made some changes on your machine to reroute requests. I’d check for that first.

1 Like


Thank you!

Yes, an entry in my hosts file. Wtf.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.