Trying to get the orgin cert.from cloudflare during the menu option 22 setup and I get this error Code: --2021-06-12 20:12:50-- https://support.cloudflare.com/hc/en-us/article_attachments/360044928032/origin-pull-ca.pem Resolving support.cloudflare.com... 104.18.6.251, 104.18.7.251 Connecting to support.cloudflare.com|104.18.6.251|:443... connected. HTTP request sent, awaiting response... 404 Not Found 2021-06-12 20:12:50 ERROR 404: Not Found. I created an orgin cert. in cloudflare which is actually at PEM file. Would I just paste the orgin certificate from cloudflare in the orgin.crt located at on the server then change the cloudflare SSL setting from Full to Strict?
Hmm looks like download url changed yet again - wish they'd use a persistent URL for the download! You don't create that one. Now docs at https://developers.cloudflare.com/ssl/origin-configuration/origin-ca do have confusing terminology as that article actually is discussing 2 types, one custom created Origin Certificates and not the Origin CA certificates setup and that differs from the original CF Origin Pull Certificates mentioned at https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull in Zone-Level — Cloudflare certificates section Also if you copy and paste from that dev doc the cert contents, it ends up formatted incorrectly too Code (Text): openssl x509 -noout -text < cf-origin-ca.pem unable to load certificate 139894394582928:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE The doc title should really be Managing Origin certificates minus Cloudflare CA term to differentiate it from the original CF Origin Pull CA certificate at https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull in Zone-Level — Cloudflare certificates section. For now, you can download to /usr/local/nginx/conf/ssl/cloudflare/mydomain.com the temp created URL I did for CF Origin Pull CA certificate with the correct format at https://gist.githubusercontent.com/centminmod/020e3580eb03f1c36ced83b94fe4e1c5/raw/origin.crt change mydomain.com to your domain name for Centmin Mod Nginx vhost Code (Text): domain=mydomain.com wget -O /usr/local/nginx/conf/ssl/cloudflare/$domain/origin.crt https://gist.githubusercontent.com/centminmod/020e3580eb03f1c36ced83b94fe4e1c5/raw/origin.crt
Thanks for reporting the bug. I've updated Centmin Mod 123.09beta01 with the temp URL fix for now so running cmupdate should update folk's installs