Transfered domain from google to cloudflare and now getting 526 error

alensubasic · August 25, 2023, 3:16am

I was using Google Domains for years until they announced that they were killing that service also.

After the domain transfer I noticed 502 errors, so I revoked and created a new origin certificate thinking that might solve the issue. It did not.

Now I am getting 526 Invalid SSL certificate errors.

I am using Nginx Proxy Manager on UnRaid.

anon9246926 · August 25, 2023, 3:32am

Have you read over the thread linked above ?

alensubasic · August 25, 2023, 1:49pm

Yes I have and I ran the curl command and got this:

* Added subasically.me:443:173.215.80.121 to DNS cache
* Hostname subasically.me was found in DNS cache
*   Trying 173.215.80.121:443...
* Connected to subasically.me (173.215.80.121) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
} [319 bytes data]
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
{ [88 bytes data]
* (304) (OUT), TLS handshake, Client hello (1):
} [384 bytes data]
* (304) (IN), TLS handshake, Server hello (2):
{ [187 bytes data]
* (304) (IN), TLS handshake, Unknown (8):
{ [19 bytes data]
* (304) (IN), TLS handshake, Certificate (11):
{ [837 bytes data]
* SSL certificate problem: self signed certificate
* Closing connection 0

alensubasic · August 25, 2023, 2:18pm

I figured out my issue, NPM wasn’t using ports 80 and 443.

Once I set up the correct port forwarding to the correct ports on my router it started working again.

curl -svo /dev/null --resolve subasically.me:443:173.215.80.121 https://subasically.me

* Added subasically.me:443:173.215.80.121 to DNS cache
* Hostname subasically.me was found in DNS cache
*   Trying 173.215.80.121:443...
* Connected to subasically.me (173.215.80.121) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
} [319 bytes data]
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* (304) (IN), TLS handshake, Unknown (8):
{ [19 bytes data]
* (304) (IN), TLS handshake, Certificate (11):
{ [2430 bytes data]
* (304) (IN), TLS handshake, CERT verify (15):
{ [110 bytes data]
* (304) (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* (304) (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=subasically.me
*  start date: Jul  6 20:17:27 2023 GMT
*  expire date: Oct  4 20:17:26 2023 GMT
*  subjectAltName: host "subasically.me" matched cert's "subasically.me"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/2
* h2 [:method: GET]
* h2 [:scheme: https]
* h2 [:authority: subasically.me]
* h2 [:path: /]
* h2 [user-agent: curl/8.1.2]
* h2 [accept: */*]
* Using Stream ID: 1 (easy handle 0x149810400)
> GET / HTTP/2
> Host: subasically.me
> User-Agent: curl/8.1.2
> Accept: */*
> 
< HTTP/2 200 
< server: openresty
< date: Fri, 25 Aug 2023 14:17:05 GMT
< content-type: text/html; charset=utf-8
< content-length: 11491
< x-powered-by: Express
< cache-control: public, max-age=0
< etag: W/"2ce3-nQqxkELf2310A56RH5aweEYls2E"
< vary: Accept-Encoding
< x-served-by: subasically.me
< 
{ [11491 bytes data]
* Connection #0 to host subasically.me left intact

system · August 28, 2023, 2:19pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.