samsausages Posted February 21, 2023 Share Posted February 21, 2023 I use Cloudflare and have a wildcard certificate that is tied to my domain name. I would like to use this with unraid, but am experiencing issues importing the cert. When I add the certificate to /boot/config/ssl/certs/hostname_unraid_bundle.pem and navigate to the server in the browser, I get an ERR_CERT_AUTHORITY_INVALID error. Inspecting the Cert does show the custom cert in the browser. I can see it in the /Settings/ManagementAccess page, but it also says: "CA-signed certificate file: Not present" I found the directions in the wiki, but they are lacking information on how the /boot/config/ssl/certs/hostname_unraid_bundle.pem file should be structured. I get separate Certificate, Key & CA files from Cloudflare and I need to combine them into the _unraid_bundle.pem Also, cloudflare gives me certificates for "Edge", "Origin" and "Client", I'm using the "Origin" certificate. hostname_unraid_bundle.pem I made: -----BEGIN CERTIFICATE----- Origin Certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- Origin CA certificate (RSA PEM) -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- Origin Certificate Private Key -----END PRIVATE KEY----- So, am I overlooking something? Formatting the bundle.pem file wrong? Using the wrong Cloudflare Cert? Thanks for the help! Sam Quote Link to comment
Drank6362 Posted September 3, 2023 Share Posted September 3, 2023 Hi, did you ever get this resolved? I am having the same problem. Quote Link to comment
samsausages Posted September 4, 2023 Author Share Posted September 4, 2023 (edited) On 9/3/2023 at 2:51 AM, Drank6362 said: Hi, did you ever get this resolved? I am having the same problem. I did get it working, but I'm not using the cloudflare cert. I'm using a letsencrypt certificate. I use ACME on pfsense to automatically generate it, then I use RSYNC once a month to copy that to my unraid server. (Could also have it generated on your server using various methods) From there I have the certs installed on unraid using this script I made: https://github.com/samssausages/unraid-install-sslcert/tree/main If you don't end up using unraid-install-sslcert.sh I made, you should still get some ideas from it as far as where they need to copied to and how they need to be named. Edited September 4, 2023 by samsausages Quote Link to comment
Mainfrezzer Posted September 4, 2023 Share Posted September 4, 2023 In case anyone stumbles upon it later on: The Cloudflare certificates only work for Cloudflare services. Theyre not "real" certificates. They only work between your service and the servers of cloudflare. ZeroSSL or LetsEncrypt are the way to go. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.