[wp-trac] [WordPress Trac] #52614: Cloudflare Root Certificate Missing
WordPress Trac
noreply at wordpress.org
Wed Mar 17 15:28:23 UTC 2021
#52614: Cloudflare Root Certificate Missing
-------------------------------------+------------------------------
Reporter: thesimarchitect | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: minor | Resolution:
Keywords: reporter-feedback close | Focuses:
-------------------------------------+------------------------------
Changes (by desrosj):
* keywords: close => reporter-feedback close
Comment:
@thesimarchitect So it looks like the certificate you specified above is
actually the [https://developers.cloudflare.com/ssl/origin-configuration
/origin-ca origin certificate] for Cloudflare, not the root one.
I believe that this certificate is meant for the connection TO the
Cloudflare server, and not from the Cloudflare server to the actual
website server.
A few questions:
- If you do not add this certificate to the `ca-bundle.crt` file, does the
site work normally for users? Is the only error encountered within Site
Health when the loop back is attempted?
- Is your site in orange cloud mode (passing through Cloudflare)? Or grey
cloud mode (traffic not passing through Cloudflare)?
If the site works normally without updating the cert file and you are in
orange cloud mode, it's possible (maybe) that something is configured at
the hosting level to intercept traffic targeted to the same site before it
is sent out and reroutes it back to the site for a faster connection. This
would result in the certificate (intended for use only between a user and
Cloudflare) not being valid.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52614#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list