HTTP Status Code 526 – Invalid SSL Certificate
The HTTP status code 526 indicates that the SSL certificate presented by the server is invalid. This status code is used by reverse proxy services like Cloudflare when the server provides an invalid SSL/TLS certificate.
Description
An SSL certificate is essential for establishing a secure connection between the client and the server. When a client attempts to access a server using HTTPS, the server is expected to present a valid SSL certificate. If a reverse proxy sits in front of the server and the certificate is invalid, for example because it has expired, is self-signed without proper trust, or does not match the domain, the proxy might respond to the client with a 526 status code.
Examples
Example 1: Self-Signed Certificate
HTTP/1.1 526 Invalid SSL Certificate
Content-Type: text/html
Date: Wed, 25 Oct 2023 12:30:00 GMT
Connection: close

<html>
<head><title>526 Invalid SSL Certificate</title></head>
<body>
<h1>Invalid SSL Certificate</h1>
<p>The SSL certificate presented by the server was self-signed and could not be verified.</p>
</body>
</html>
In this example, the server presents a self-signed SSL certificate without proper trust chain verification, leading to a 526 status code. This is common when a certificate has not been signed by a trusted Certificate Authority (CA).
Example 2: Expired SSL Certificate
HTTP/1.1 526 Invalid SSL Certificate
Content-Type: text/html
Date: Thu, 26 Oct 2023 14:30:00 GMT
Connection: close

<html>
<head><title>526 Invalid SSL Certificate</title></head>
<body>
<h1>Invalid SSL Certificate</h1>
<p>The SSL certificate presented by the server has expired. Please contact the server administrator.</p>
</body>
</html>
In this scenario, the SSL certificate has expired, causing the server to return a 526 status code. Certificates need regular renewal to maintain a secure connection.
Example Scenario 3
# Client sends a request example.
GET /example HTTP/1.1
Host: www.example.com

# Server Response
HTTP/1.1 526 Invalid SSL Certificate
Date: Wed, 09 Oct 2024 23:14:02 GMT
Server: ExampleServer/1.0
Content-Type: application/json

{ "error": "Description of the error for 526" }
Example Scenario 4
# Client sends another example request.
POST /another-example HTTP/1.1
Host: www.example.com

# Server Response
HTTP/1.1 526 Invalid SSL Certificate
Date: Wed, 09 Oct 2024 23:14:02 GMT
Server: ExampleServer/1.0
Content-Type: application/json

{ "error": "Detailed message for 526" }
Summary
The 526 Invalid SSL Certificate status code highlights issues with the SSL/TLS certificate used by a server. It often occurs when using reverse proxy services and typically indicates problems such as self-signed, expired, or improperly configured certificates. Ensuring certificates are valid and properly configured is crucial for maintaining secure HTTPS connections.
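To find out which of these causes applies to a given server, an administrator can run the same kind of verifying handshake a strict reverse proxy performs. The script below is an added example, not code from this page or from any proxy vendor; the function names are hypothetical, and it goes slightly beyond the two examples above by also reporting hostname mismatches, incomplete chains and the days remaining on a valid certificate.

```python
import socket
import ssl
import time

# OpenSSL X509_V_ERR_* verify codes mapped to the causes named on this page.
REASONS = {
    9: "not yet valid",
    10: "expired",
    18: "self-signed",
    19: "self-signed certificate in chain",
    20: "incomplete or untrusted chain",
    21: "incomplete or untrusted chain",
    62: "hostname mismatch",
}


def classify(exc):
    """Turn a certificate verification failure into a short cause string."""
    code = getattr(exc, "verify_code", None)
    detail = getattr(exc, "verify_message", exc)
    return REASONS.get(code, f"other ({detail})")


def days_left(cert, now=None):
    """Whole days until notAfter, for a dict as returned by getpeercert()."""
    now = time.time() if now is None else now
    return int((ssl.cert_time_to_seconds(cert["notAfter"]) - now) // 86400)


def probe(host, port=443, timeout=5.0):
    """Handshake with full verification; return (ok, detail)."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED plus hostname check
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, f"valid, {days_left(tls.getpeercert())} days left"
    except ssl.SSLCertVerificationError as exc:
        return False, classify(exc)


if __name__ == "__main__":
    import sys
    # Usage: python check_origin.py www.example.com [more hosts...]
    for name in sys.argv[1:]:
        print(name, *probe(name))
```

The result reflects the trust store of the machine running the script, which may differ from the one the proxy uses. Point it at the server's own address rather than the proxied hostname, otherwise it checks the proxy's certificate instead.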