Why is my A Record not working with Cloudflare origin cert?

I have created an origin cert and set it up using nginx like…

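server {
    # listen          80;

    # TLS listener using the origin certificate and its private key
    listen  443 ssl;
    ssl_certificate /usr/src/secondave.pem;
    ssl_certificate_key /usr/src/secondave.key;
    server_name     ha.secondave.net;
    location / {
        # Forward to the homeassistant upstream, passing the original host and client IP
        proxy_pass          http://homeassistant:8123;
        proxy_set_header    Host    $host;
        proxy_set_header    X-Forwarded-For   $remote_addr;
    }
}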

When I access via the IP I get the expected warning message about it being an insecure cert but it looks correct…

But when I try to access the actual subdomain it says the server is down. I have confirmed the A record looks correct and is pointed to the correct IP.

What am I missing? It does look like it is hitting it enough to get the 302 because it ends on the authorize URL.

Here is the DNS

Also I seem to be getting the following when trying to get https://vpn.secondave.net

SEC_ERROR_UNKNOWN_ISSUER

But the cert looks correct


You are getting the error because origin certificates are only valid between your server and Cloudflare. When you have a DNS record that is :grey: (grey cloud, DNS only), it will fail.

2 Likes
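Added example (not part of the original thread): a small Python check that combines the two facts the answer relies on, whether the A record resolves to a Cloudflare edge address (proxied) and whether the certificate installed on the server was issued by the Origin CA. The IP ranges are copied from Cloudflare's published IPv4 list and the issuer wording is an assumption; the sample addresses and issuer strings are constructed.

```python
import ipaddress

# Cloudflare's published IPv4 edge ranges (https://www.cloudflare.com/ips-v4).
# Assumption: this copy is current; refresh it from that URL before relying on it.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]


def is_proxied(resolved_ip: str) -> bool:
    """True when the A record answers with a Cloudflare edge address."""
    ip = ipaddress.ip_address(resolved_ip)
    return any(ip in net for net in CLOUDFLARE_V4)


def is_origin_ca(issuer: str) -> bool:
    """True when the issuer names Cloudflare's Origin CA (assumed wording)."""
    return "cloudflare origin" in issuer.lower()


def diagnose(resolved_ip: str, origin_cert_issuer: str) -> str:
    """Classify what a browser will see for this hostname.

    resolved_ip:        output of `dig +short A <hostname>`
    origin_cert_issuer: issuer line from
        `openssl s_client -connect <server-ip>:443 -servername <hostname> \
           </dev/null | openssl x509 -noout -issuer`
    """
    proxied = is_proxied(resolved_ip)
    origin = is_origin_ca(origin_cert_issuer)
    if origin and not proxied:
        # DNS-only record: the browser connects straight to the server and is
        # handed a certificate that only Cloudflare trusts.
        return "browser-untrusted"
    if origin and proxied:
        # The edge presents its own certificate; the origin certificate is
        # only checked on the Cloudflare-to-server leg.
        return "ok-via-cloudflare"
    return "ok-public-cert"


if __name__ == "__main__":
    # Constructed samples: a documentation-range IP and an Origin CA issuer.
    issuer = "O=CloudFlare, Inc., OU=CloudFlare Origin SSL Certificate Authority"
    print(diagnose("203.0.113.10", issuer))
```

A result of `browser-untrusted` corresponds to the SEC_ERROR_UNKNOWN_ISSUER case described in the question.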
