Well I can kick myself, as after many hours of renewing SSL certs, and changing how I created SSL certs, I just figured out what caused the SSL cert issues on my gadgeteer.co.za domain sites for the last 15 hours or so… And yes, of course I was ripping everything to pieces, rebooting stuff, etc. I did learn how to issue an Origin Server SSL cert though via CloudFlare, so maybe that was a plus!
What I noticed three times, was that in the DNS records, I found the IP address had changed to my private home IP address. I thought this had something to do with what I had been enabling or disabling, or with the pulling through of SSL cert files etc. But why my home address when I was doing all the work from the server side address?
So every time I thought I had fixed it and waited for DNS propagation, I found it broken.
And 10 minutes ago I realised I had done a test installation last night of Home Assistant in a docker container on my server at home, and of course I enabled every integration I could see, including a Cloudflare integration. I recalled giving it write access to the Cloudflare DNS. That integration had been picking up the home server IP address, and then changing the DNS records IP address to point to my home server instead of the VPS server. Yes I’d linked it to my gadgeteer.co.za domain intending to keep an eye on what was up or down etc. If it was linked to my other domain that points to the home server anyway, that would not have created an issue like this, or if it was read-only access. I did not realise that this HA integration was going to be doing that to the DNS.
So yes I broke it all myself, and I just hope now that with the Origin Server cert I’ve created, it all works OK and settles down now.
So apologies to anyone trying to access any of my gadgeteer.co.za sites. I did notice that Cloudflare was auto-serving the backup pages from The Wayback Machine, so it was interesting to see that in action.
#siteupdate