Hi. I have created and installed an SSL certificate (Origin Certificate) for my AWS service using cloudflare. We have a domain on the form “company.com” and the certificate I have created is for “x.company.com”.
When I test the certificate in a browser it is not accepted as valid.
Using the service SSL Checker
I got the response that
" The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. The fastest way to fix this problem is to contact your SSL provider."
How do I get, and install these “Intermediate/chain certificates” ? I store the certificate in AWS certificate manager, and use them for an API gatway, if that is relevant.
This server could not prove that it is <x.company.com> ; its security certificate is from *.execute-api.eu-west-1.amazonaws.com . This may be caused by a misconfiguration or an attacker intercepting your connection.
You will need to enable the Cloudflare proxy if you want to use the Cloudflare origin certificate. Also make sure your SSL/TLS setting is set to “Full (strict)” in your dashboard here… https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls