Invalid SSL certificate - even though I got a correct one

macmattias · October 22, 2021, 7:13am

So I decided to really dig into what the issue can be.
I stopped the VM with traefik on it, installed a new server, Ubuntu Server 20.04 and Nginx.
Local ip -> Welcome to Nginx.
domain.io -> 526 invalid SSL.
There, this is not Traefiks fault.
Checked Cloudflare, since there is where it begins, I "lowered" the SSL/TLS encryption to Full instead of Strict.
Then click Edge certificates and there I find a Universal certificate for my main domain, valid to 2022-05-20.
So one step forward, I now have a nginx running with a selfsigned certificate. And it answers on domain-calls with a Cloudflare certificate.

macmattias · October 22, 2021, 9:05am

So if I use this in my static file:

[certificatesResolvers.lets-encrypt.acme]
  email = "your_email@your_domain"
  storage = "acme.json"
  [certificatesResolvers.lets-encrypt.acme.tlsChallenge]

There is no issue with the certificates from Cloudflare?

macmattias · October 22, 2021, 12:56pm

So finally. I have it working. I took all the steps back and followed the digitalocean guide. That gave me a basic setup that is actually working!

So now I need to thank @kevdog and @jakubhajek for sticking with me and helping me. It means a lot to me that you did. I am so grateful! Thank you!

jakubhajek · October 22, 2021, 2:49pm

Hello @macmattias

Glad to hear that it is finally working. If you would like to document the steps and publish the entire configuration that will be very helpful for other community members. Thank you

macmattias · October 23, 2021, 6:35am

After all the issues, I decided to go back to step 1.
First step investigate the 526 error, since I suspected that wasn't Traefiks fault.
After shutting down all Traefik instances, I installed nginx on the server that was reciving the calls from the internet. As I suspected 526 was a Cloudflare error saying that it had no one to talk to on my side on port 443.
So I made a self signed certificate and configured nginx to talk on 443, and boom!
All was working as it should have been all the time.
I left it there for some hours to let it sink in.
After that I decided that digitaloceans guide was the one for me, set up a Ubuntu Server 20.04 and followed it to the letter.
Sure it is toml but that has to for now.

Topic		Replies	Views
Traefik SSL Let's Encrypt invalid certificate Traefik v2 (latest) docker , letsencrypt-acme	2	486	October 4, 2022
Bad certificate Traefik v2 (latest) docker , letsencrypt-acme	5	572	December 18, 2020
Invalid certificate generated by traefik Traefik v2 (latest) docker , letsencrypt-acme	6	2983	September 25, 2020
Invalid Let's Encrypt cert with Docker Traefik v2 (latest) docker , letsencrypt-acme	0	305	December 15, 2020
Traefik does not provide a valid certificate on my website Traefik v2 (latest) docker , letsencrypt-acme , cli	6	3093	August 8, 2022

Invalid SSL certificate - even though I got a correct one

Related Topics