1) The SSL certificate visible to visitors, which will be encrypting information between the visitor and CloudFlare is issued by CloudFlare itself. If you see a security warning in your browser (note, NOT an error 526) relating to the SSL certificate while CloudFlare is in place then you should contact their support.
2) The certificate on your site will encrypt connections between your site and CloudFlare
Your SSL certificate on your site is issued by Let's Encrypt (unless you have installed a third-party certificate) and is valid for 90 days. After this time, it will automatically renew itself.
Occasionally, CloudFlare can cause issues in that the system is unable to verify that your domain resolves to your actual site. As a result, certificates can sometimes fail to be renewed, and in such a case you may see this "526" error.
To avoid this, please follow the following steps:
- Log in to your CloudFlare account
- Click on your site
- Click on the "Crypto" tab
- At the top, the first option, change the "SSL" setting to "Full" (note, do not select "Flexible" or "Full (Strict)".
