My server’s certificate suddenly became invalid for some time (Error 526), known duration of issue: around 20 minutes. Now it’s also suddenly back to normal, but i’d want to know what was the issue. Existing topics on the problem doesn’t provide any answer.
Website has worked without any issue for half a year;
Server’s and Cloudflare’s configuration was not changed for 4 months;
Server’s certificate was renewed just a week ago, so it’s perfectly valid;
SSL Encrypted mail service hosted on the same server kept working through all the time just fine for both incoming/outcoming mail;
Playing around with SSL/TLS encryption mode and disabling/enabling HSTS didn’t affect the issue;
Shortly before the trouble I’ve added another website hosted on the same server to Cloudflare, set DNS A-record to the server while still pending nameserver check. Issue disappeared just around time the new site was activated, so my best guess is that it was somehow connected to the trouble.
With all that, was the issue caused by me (and how to prevent it), or is it Cloudflare’s fault?
If you pause Cloudflare (or set the individual record to Unproxied () / DNS-only), does the certificate on the server work flawlessly in a browser?
Alternatively, and assuming that your operating system has e.g. cURL installed, then if your problematic host name is test.example.com, and that the IP address of your sever is 203.0.113.123, you can try run cURL like this:
That command would make test.example.com resolve to 203.0.113.123, and therefore connect directly to your server (bypassing Cloudflare) for connections on port 443, where you can then check in the output for e.g. information about the secure connection, and whether cURL means that your certificate is “ok”.