SSL/Edge Certificate

matt170 · July 18, 2024, 5:05pm

What is the name of the domain?

bushidoafrica.co.za

What is the error number?

N/A

What is the error message?

N/A

What is the issue you’re encountering

Site not reflecting with SSL

What steps have you taken to resolve the issue?

Hi everyone, I’ve been struggling for days to renew my universal SSL/Edge certificate as it would not let me proceed with the free/universal plan I was on so I have now opted to pay for the Advanced Certificate manager, issued a new certificate and still my domain is without an SSL/edge certificate. How do I rectify this? Even though I am now paying for additional service it appears contacting support is akin to flying to the moon.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full (strict)

What are the steps to reproduce the issue?

None

Screenshot of the error

sjr · July 18, 2024, 5:10pm

Your DNS records are not proxied so requests are going direct to your origin server…
https://cf.sjr.org.uk/tools/check?76f1658a3a59486eac299204a9962b41#dns

Your origin server SSL certificate expired 7 days ago so you need to get that renewed before enabling the Cloudlfare proxy and make sure your SSL/TLS setting is set to “Full (strict)” in your dashboard here…
https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls

Once that is all done you can enable the proxy and have a fully secured setup.

matt170 · July 19, 2024, 8:25am

Hi there,

Thank you, I have now done this and am met with a new error ‘Invalid SSL certificate Error code 526’

How can I fix this? I have not managed to find a resolution through the community articles and links, they don’t explain how to fix this?

sjr · July 19, 2024, 8:27am

That means the SSL certificate on your origin is invalid.

Did you do this?

matt170 · July 19, 2024, 8:36am

Hi, yes, here is the new one.

matt170 · July 19, 2024, 8:39am

To also give you a full screenshot of what is going on in the edge certificate section.

sjr · July 19, 2024, 8:42am

That’s not the certificate your origin is presenting…

* Server certificate:
*  subject: CN=*.cloudwaysapps.com
*  start date: Apr  5 00:00:00 2024 GMT
*  expire date: May  6 23:59:59 2025 GMT
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify result: self-signed certificate in certificate chain (19), continuing anyway.

matt170 · July 19, 2024, 8:46am

Do you know how I can rectify this? Should I just delete and revoke all certificates and create new ones?

sjr · July 19, 2024, 8:48am

If you are using the Cloudflare origin certificate, make sure you have downloaded and installed it correctly on your origin and reloaded/restarted the web server.

system · July 21, 2024, 8:48am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ssl edge certificate Security	6	1880	February 17, 2022
Edge certificates not issued on my domain and trying to enable universal fails Security	6	230	May 24, 2024
Edge Certificate was not updated Security	1	1799	June 11, 2022
Edge certificates are not being issued on my domain and trying to enable universal Security	3	245	May 10, 2024
No Edge Certificates on Website Security	3	2100	May 24, 2022