Installing from the GitHub source ZIP on a Cyberpanel installation with Litespeed. Usually a simple case of pointing the vHost Conf to the public directory.
I’ve applied my CloudFlare SSL cert & key to CyberPanel, and this works when pointing to the old " public_html" folder. Just as soon as I point it to the InvoiceNinja/public folder I’m met with a “Invalid SSL certificate Error code 526” message.
Any clues?
Not to be insulting, I’m only asking because I’ve done this before. Does the certificate name match your Apache2 or nginx config? Does the certificate match what you have in your .env file?
Oh I had no idea that the cert was required in the .env. Quite used to Symfony but cant say I saw it. Taking a look now.
Can’t say i see a cert param in the .env - cert is definitely right when the directory is not set to /public
No, there is no cert parameter in there. It’s just making sure the URL you have in your .env matches your cert.
The most common reasons for a 526 certificate error are as follows:
There are other possible causes, but they are far less common, albeit not unheard of. Additionally, if you’re using Cloudflare in strict mode, that is also known for causing problems, even if the certificate is issued by them.
Even Cloudflare help staff say the 3 most common reasons are number 2 and 3 above or using their own services in strict mode.
You shouldn’t need to point the cert to the public folder. Can you please share what your Apache2 or nginx config look like?
The “Invalid SSL certificate Error code 526” occurs when Cloudflare cannot validate the SSL certificate on your server, usually due to Cloudflare’s SSL mode being set to Full (strict). To resolve this, ensure that your SSL certificate on CyberPanel is correctly installed and matches the domain, especially for the InvoiceNinja/public directory. Consider setting Cloudflare’s SSL mode to “Full” instead of Full (strict) to bypass strict validation requirements. Also, check the vHost configuration, clear caches, and ensure there are no redirects or mixed content issues. If problems persist, consider using a 1win Cloudflare Origin CA certificate for compatibility.