I’ve been trying to install a Cloudflare Origin CA certificate for my website as custom domain as I use Cloudflare upfront on my domain name, however it just says it’s not PEM formatted OR it says it’s not the correct private key, and I don’t know why. I do choose the PEM format and these also work fine on a test Nginx instance I spinned up on my computer. I generate those from the web UI on the Cloudflare Dashboard though…
If you use Cloudflare on your domain, doesn’t it automatically generate a SSL and use it? As I’m seeing now, your website is loading over SSL provided by Cloudflare, so is there ahy specific reason why you need to setup the SSL in Netlify?
it should not matter whether I use DNSSEC or not, I don’t use Netlify DNS. I know what I’m saying, I used to have it on remy.codes with Cloudflare CDN + DNS and Netlify before
the DNSSEC will only be relevant for the visitors but in no case it applies between Cloudflare’s Edge servers trying to connect upstream on the Netlify website.
And I do want to put Cloudflare’s CDN on top.
I can confirm. We have the same issue for Cloudflare Origin Certificate. For one of our projects it works fine to set up the custom cert. But for all other projects it says repeatedly “Private key did not match certificate” which is definitely not the case.
I just tried to use the safer CSR generation method to obtain a Cloudflare Origin CA certificate, but no success here either. Netlify simply doesn’t want to install the certificate.
“Private key did not match the certificate”.