526 Invalid SSL Certificate
526
Invalid SSL Certificate
Example HTTP Response
HTTP Response
HTTP/1.1 526 Invalid SSL Certificate
Server: cloudflare
Content-Type: text/html
<html><body>Invalid SSL certificate</body></html>Common Causes
- Origin SSL certificate is expired
- Origin uses self-signed certificate with Full (Strict) mode
- Certificate Common Name/SAN doesn't match hostname
- Certificate chain is incomplete or broken
- Certificate was revoked
- Certificate signed by untrusted CA
- Cloudflare SSL/TLS mode set to Full (Strict) inappropriately
Technical Details
What does this mean?
Your credentials are bogus! Cloudflare checked your origin's SSL certificate and it's either fake, expired, or signed by someone sketchy. No secure connection for you!
Technical Definition
Cloudflare could not validate the SSL certificate on the origin server when in Full (Strict) SSL mode.
Code Snippets
Ready-to-use code for returning this HTTP status in your application:
Node.js
// Express.js
app.get('/example', (req, res) => {
res.status(526).json({
error: 'Invalid SSL Certificate',
message: 'Your error message here'
});
});
// Native HTTP
const http = require('http');
http.createServer((req, res) => {
res.writeHead(526, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({
error: 'Invalid SSL Certificate',
message: 'Your error message here'
}));
}).listen(3000);Related Status Codes
526 Invalid SSL Certificate FAQ
What causes a 526 Invalid SSL Certificate error?
Origin SSL certificate is expired. Origin uses self-signed certificate with Full (Strict) mode. Certificate Common Name/SAN doesn't match hostname. Certificate chain is incomplete or broken. Certificate was revoked. Certificate signed by untrusted CA. Cloudflare SSL/TLS mode set to Full (Strict) inappropriately.