What is the name of the domain?
What is the error message?
521: Web Server is down
What is the issue you’re encountering
Cannot reach site
521: Web Server is down
Cannot reach site
I am just starting the site & it reports that “the SSL certificate presented by the server did not pass validation. This could indicate an expired SSL certificate or a certificate that does not include the requested domain name.” It is asking me to contact my hosting provider (which is Cloudflare) to ensure that an up-to-date & valid SSL certificate issued by a a Certificate Authority is configured for this domain name on the origin server.
What is odd to me is that in all the notices to me, Cloudflare has not offered to provide a valid certificate as my site registrar and IP, but has sent me a literal ton of email that I do not understand. If someone would be so kind as to inform me of the corrective action to getting my site online - I really only have the simplest site intentions in mind - I would sincerely be very grateful!
What do you mean by that? Do you have a website on Cloudflare Pages, or do you have a website with a different company that you are trying to connect to your domain?
That sounds like those emails were caused by this incident. You should be fine to ignore them.
That is error 526, not error 521. You can learn more about fixing it here:
If you do not already have a valid certificate for your origin server, you can use a free Cloudflare Origin CA certificate to secure proxied hostnames.
I don’t know if this is any help, but I paused Cloudflare & ran the SSL tool which reported that the certificate had expired & was in the name of someone else from 01/2021 until 01/2022. Cloudflare help documentation also recommended lowering the SSL/TS automatic encryption from automatic Full (strict) to Full, which I did. The odd thing as well is that in the dashboard overview, I continuously have nearly a hundred “Unique Visitors” to the site daily. I don’t see how this is possible.
Have you replaced it with one that isn’t expired?
I’m not sure what you mean by that. Are you saying that you were using a certificate that didn’t contain your domain name? That’s not good.
That is intended as a temporary workaround for use while replacing the expired certificate.
Based on the following report, you appear to be redirecting your visitors to another domain.
https://cf.sjr.org.uk/tools/check?3e463ac16d66487aad468dc4fa445cd1
Are you currently having any problem?
With what I’ve done so far, when you type in the name of my site, you are taken to the landing page of someone named Brian Schulz.com. Before hitting , Google reports “526:invalid SSL certificate http://mstankovich.com” I have created an Origin Certificate & a Private Key, but I am unsure of where/how to upload them.
Correct. That appears to be the result of a redirect configured in your Cloudflare account. If that is not desired, you will want to inspect your Cloudflare settings. If you didn’t add that redirect, you may want to take steps to secure your account.
Based on the IP of the hostname in your proxied MX record, it loooks like you host with GoDaddy. If that is correct, you would need to upload yor Origin CA certificate and key there.
Note that if GoDaddy tries to use them with your email service, they will not work for that purpose. Your mailserver will require a valid publicly trusted certificate.
A colleague has shared findings that indicate the redirect is being sent from your origin server and not Cloudflare, as I had suggested. You will need to check your site to find it.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.