Skip to main content
If you hit a problem, review these common issues and fixes before contacting support.

Website not loading after onboarding

  • DNS configuration: Confirm your domain’s DNS points to Osto as directed during setup.
  • Certificate: Verify a valid certificate is issued/assigned — either Osto-generated (CNAME added) or your uploaded one.
  • Firewall: Ensure your origin server allows the connections Osto needs.
  • Policy conflicts: Check your Website Protection policies aren’t blocking legitimate traffic — try Detect Mode to confirm.
  • Propagation: Clear your local DNS cache or allow time for DNS changes to propagate (up to 24 hours).

Certificate not applying correctly

  • Use a ZIP archive: Uploaded certificates must be a ZIP containing valid certificate files (.crt/.pem) and private-key files (.key/.pem).
  • Domain match: Ensure the certificate’s common name (CN) or subject alternative name (SAN) matches the domain you’re securing.
  • Not expired: Confirm the certificate is still valid.
  • Re-upload: Re-upload the archive and re-assign it to the website.
  • Or auto-generate: Let Osto issue the certificate by adding the provided CNAME record to your DNS instead.

Security policies not applying

  • Correct assignment: Confirm the policy is assigned to the right users, groups, or websites.
  • Saved: Make sure you clicked Save after editing.
  • Priority/precedence: For Secure Server Access, a higher-priority policy can override your rule — check for conflicts.

Secure server connection issues

  • Installation script: Confirm the generated script ran on the server without errors.
  • Connectivity: Ensure the server can reach the Osto platform.
  • MFA & access: Verify multi-factor authentication is satisfied and you’re using the correct access for the connecting user.

Scanner shows no results

  • Scan still running: Web and app scans run asynchronously — results populate once the scan completes.
  • Right target: Confirm you selected the correct domain (Web Scanner) or uploaded a supported build — .apk or .ipa, up to 100 MB (App Scanner).

SAST isn’t picking up repositories

  • Provider connected: Confirm your GitHub, GitLab, or Bitbucket connection is active under Code Security → SAST → Integrations (use Test).
  • Repositories synced: Use Sync to refresh the repository list, then start a scan from the Repositories or Scans tab.
Still stuck? Contact your Osto representative at connect@osto.one or post in your shared support channel.