Receiving 526 errors on primary domain and www domain. (Owner)

I’ve got an interesting issue where we get an SSL verification error (526). The SSL certificate on the host (Onyx) is valid, as it’s a Let’s Encrypt certificate, but when enabling Cloudflare proxy the SSL certificate cannot be verified.

To try to resolve this myself, I’ve followed the following article, tried re-issuing the Let’s Encrypt certificate, and reached out to main support, but it’s been a few weeks without luck.

https://community.cloudflare.com/t/community-tip-fixing-error-526-invalid-ssl-certificates/44273

When the command in the above article was run it was able to successfully verify the certificate and not provide any errors.

Key details:

  • Domain: example.com
  • SSL Setting: Flexible
  • Error Code: 526
  • We did have a SaaS hostname with WP Engine that was originally causing problems, but Cloudflare has said they removed this.
  • Cloudflare proxy is not currently enabled on the root domain as the website is business-critical and the current setup causes downtime.

Any suggestions or support would be appreciated.

1 Like

Hi @matt30

I see the website is working fine for me.

Hi @Neeraj_1,

That’s right as we’ve switched off the Cloudflare proxy for the main domains (www & @) as it causes downtime with the 526 error.

This was more of a stab in the dark as it seems to be a very specific error that can’t be solved without intervention from Cloudflare.

Do you use Custom SSL?

We use Cloudflare’s Universal SSL and a Let’s Encrypt certificate at the source which is automated by Onyx (https://onyx.io/).

The one reason I can think of for this error is that the SaaS hostname configuration is still lingering somewhere, overwriting my configuration in the dashboard.

@matt30 The article below may be helpful! I would advise checking it out!

Thank you for the link; unfortunately, I’ve tried the options on that page.

After digging a bit further into the SSL certificates on the domains, they seem to each have their own certificates and not a shared one over @ and www. This is causing issues, as Cloudflare seems to only look at the root domain and not the subdomain’s SSL certificate for the www subdomain.

2 Likes
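
The per-hostname certificate difference described in the last post can be checked directly at the origin. The following is an added example, not part of the thread or of any tool mentioned in it: it checks that the certificate returned for each SNI name covers that name and is in date. The sample certificate dicts are constructed, and `fetch_origin_cert` assumes you know the origin's IP address.

```python
import socket
import ssl
from datetime import datetime, timezone

def name_matches(pattern, hostname):
    """Exact match, or '*' standing in for the whole left-most label only."""
    p = pattern.lower().split(".")
    h = hostname.lower().rstrip(".").split(".")
    return len(p) == len(h) and p[1:] == h[1:] and p[0] in ("*", h[0])

def check_cert(cert, hostname, now=None):
    """Problems in a getpeercert()-style dict that break strict validation."""
    now = now or datetime.now(timezone.utc)
    def ts(field):
        return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert[field]), timezone.utc)
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    problems = []
    if not any(name_matches(n, hostname) for n in sans):
        problems.append("hostname not in SAN")
    if now < ts("notBefore"):
        problems.append("not yet valid")
    if now > ts("notAfter"):
        problems.append("expired")
    return problems

def fetch_origin_cert(origin_ip, hostname, port=443, timeout=5):
    """Connect to the origin directly (not via the proxy) with SNI=hostname.
    Raises ssl.SSLCertVerificationError if the chain is not publicly trusted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # name mismatches are reported by check_cert
    with socket.create_connection((origin_ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()

def audit(certs_by_host, now=None):
    """Map each hostname to the list of problems found in its certificate."""
    return {host: check_cert(cert, host, now) for host, cert in certs_by_host.items()}

# Constructed sample data: the certificate a server returned for each SNI name.
ROOT_CERT = {"subjectAltName": (("DNS", "example.com"),),
             "notBefore": "Jan  1 00:00:00 2024 GMT",
             "notAfter": "Mar 31 00:00:00 2024 GMT"}
WWW_CERT = dict(ROOT_CERT, subjectAltName=(("DNS", "www.example.com"),))
NOW = datetime(2024, 2, 1, tzinfo=timezone.utc)
SAMPLE = {"example.com": ROOT_CERT, "www.example.com": ROOT_CERT}

if __name__ == "__main__":
    for host, problems in audit(SAMPLE, NOW).items():
        print(host, "OK" if not problems else problems)
```

For a live check, build the input with `{h: fetch_origin_cert(ip, h) for h in hosts}` and pass it to `audit`.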