Ssl configuration - site down - help!

Hi there, my site is down…
I’m getting this error from Cloudflare:

Error 526 Ray ID: 641bbd5e993c3e5e • 2021-04-18 06:12:08 UTC
Invalid SSL certificate
You: Browser Working
Adelaide Cloudflare: Working Host Error
What happened?
The origin web server does not have a valid SSL certificate.

What can I do?
If you’re a visitor of this website:
Please try again in a few minutes.

If you’re the owner of this website:
The SSL certificate presented by the server did not pass validation. This could indicate an expired SSL certificate or a certificate that does not include the requested domain name. Please contact your hosting provider to ensure that an up-to-date and valid SSL certificate issued by a Certificate Authority is configured for this domain name on the origin server. Additional troubleshooting information here.

I’ve contacted my hosting provider, which replied with:
“You have the domain on Cloudflare so you have to configure the SSL there for it to work, contact Cloudflare to get it fixed”

Could someone shed some light on this for me??
I’m running in circles!!

I am afraid that is an incorrect answer and your host needs to fix the broken certificate on their server

Community Tip - Fixing Error 526: Invalid SSL certificates has all the details on that error but the bottom line is your host needs to provide a properly valid certificate on the server.

1 Like

Does your server IP address end in 61?

You have a certificate that expired yesterday, so that might be the root cause.

Hi everyone,
I’ve found this thread

then I’ve changed my SSL/TLS configuration to FULL.
My site is up again…
Thanks to all of you!

That’s what I linked to before.

With the change you made your site is insecure now.

Your host needs to fix the certificate.

Thanks for the info…
I’m very confused… so the problem is actually with my hosting provider?? It makes sense as I had the Cloudflare settings as FULL STRICT before and it was working ok…
So I’d have to contact my HP and ask them to renew the certificate? Pardon my ignorance.

I already mentioned that. Your host needs to fix the broken certificate and that’s something only your host can fix.

Switch back to “Full strict” and tell your host to fix the certificate, respectively renew it and keep renewing it whenever it is about to expire.

You can also look into Cloudflare’s Origin certificates, but that’s a different story and still needs to be done on your server.

Yes. (Whoever set up that cert in the first place, which may not be the hosting provider).

As this is a Let’s Encrypt cert that process should be automatic, and happen every 60 days or so.

Once the cert is renewed, put your SSL mode back to Full (Strict).

Plus, the question was

Thanks for this info… My hosting provider’s support is pretty lame as they quickly blame Cloudflare for the problem (it has been working ok for yonks under FULL(strict)) so it looks like they (my HP) are at fault but my total ignorance on this matter makes me believe them, thank god for this community which has helped me enormously… thanks to all of you …
I’ve requested them to fix the issue… let’s see what they say…

I’ve done so… meanwhile, I’ve changed the SSL settings to FULL (strict) as apparently it would become insecure!!
Gee… I’m lost… Ignorance is NOT a bliss when it comes to this!!

Yes, your host needs to fix that. Right now you have an insecure mode selected, they should fix this as quickly as possible and you should change back to “Full strict”.

You might also want to look into changing host if yours does not provide proper support. SSL is a relatively fundamental thing and should not need a lengthy discussion but should be automated by your host and should work.

I agree with you… It’s so frustrating that their support is via email only, with a 24 hours turnaround… you get what you paid for!!!
Thanks for your reply, mate!

Can I renew it myself ?? How?

Yes, I’m thinking of changing hosts…I’m trying to find a not to expansive Wordpress one …
Good hosting providers cost money… fair enough… I’m trying to find a balance between price and service… but the current HP has proven that I’ve made a mistake in signing up with them…
Thanks heaps, mate!

Done, Thanks!

Hi Sandro…
I have no idea… but I’ll try to find out…

Possibly, but that’s somethig you need to check with your host. It might be best to pause Cloudflare altogether for now and make sure the site loads fine on HTTPS and only then unpause Cloudflare.

Thanks… will do