Synology Cloudflare Origin Cert and Edge Issue

Everything was working and properly installed. Added the Origin Certificates on my Synology NAS.
I have subdomains setup at Cloudflare and proxied.
The origin Cert is valid:
Expires on: Nov 28, 2036
Current date: Mar 3, 2022
Since 02/29 I am having issues accessing my sub domains.
NET::ERR_CERT_AUTHORITY_INVALID
Expanding it it is referencing my Origin Cert.
Not entirely sure what happened.
But I either missed it or there is now an EDGE Cert added from Let’s Encrypt at Cloudflare. I haven’t seen this before. Is this possibly throwing it off ? I am not able to remove it.
I don’t really know where to start.
Any pointer is appreciated.

It shouldn’t have. The error message you receive indicates that the certificate is not signed by a trusted certificate authority and that’s actually true. Origin certificates are not trusted by browsers and will only work in a proxied context. Maybe you unproxied the record in question, so check if it is :orange:.

1 Like

I appreciate the quick reply. All entries are proxied.
The strange thing is I haven’t changed anything in months. It just started happening.
The Cert is a Cloudflare Origin Cert, issued by Cloudflare Origin SSL Certificate Authority.
Any additional ideas ? Would creating a new Origin Cert through Cloudflare make a difference ?

Maybe check which IP address you actually resolve.

Do you feel comfortable sharing the hostname here?

1 Like

I can share it personally.
But when I ping the one set of subdomains that work they show a different ip from the ones that don’t work … All subdomains have the same target and handled by the NAS. Both IP’s are Cloudflare IP’s, proxied IPs …

In that case you’ll have a DNS propagation issue. Maybe clear your DNS cache or switch to another resolver.

@sandro Thank you, it turned out to be a switch issue !

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.