> ## Documentation Index
> Fetch the complete documentation index at: https://docs.osto.one/llms.txt
> Use this file to discover all available pages before exploring further.

# Troubleshooting Common Issues

> Solutions to common problems you may encounter with the Osto platform.

If you hit a problem, review these common issues and fixes before contacting support.

## Website not loading after onboarding

* **DNS configuration:** Confirm your domain's DNS points to Osto as directed during setup.
* **Certificate:** Verify a valid certificate is issued/assigned — either Osto-generated (CNAME added) or your uploaded one.
* **Firewall:** Ensure your origin server allows the connections Osto needs.
* **Policy conflicts:** Check your Website Protection policies aren't blocking legitimate traffic — try **Detect Mode** to confirm.
* **Propagation:** Clear your local DNS cache or allow time for DNS changes to propagate (up to 24 hours).

## Certificate not applying correctly

* **Use a ZIP archive:** Uploaded certificates must be a ZIP containing valid certificate files (`.crt`/`.pem`) and private-key files (`.key`/`.pem`).
* **Domain match:** Ensure the certificate's common name (CN) or subject alternative name (SAN) matches the domain you're securing.
* **Not expired:** Confirm the certificate is still valid.
* **Re-upload:** Re-upload the archive and re-assign it to the website.
* **Or auto-generate:** Let Osto issue the certificate by adding the provided CNAME record to your DNS instead.

## Security policies not applying

* **Correct assignment:** Confirm the policy is assigned to the right users, groups, or websites.
* **Saved:** Make sure you clicked **Save** after editing.
* **Priority/precedence:** For Secure Server Access, a higher-priority policy can override your rule — check for conflicts.

## Secure server connection issues

* **Installation script:** Confirm the generated script ran on the server without errors.
* **Connectivity:** Ensure the server can reach the Osto platform.
* **MFA & access:** Verify multi-factor authentication is satisfied and you're using the correct access for the connecting user.

## Scanner shows no results

* **Scan still running:** Web and app scans run asynchronously — results populate once the scan completes.
* **Right target:** Confirm you selected the correct domain (Web Scanner) or uploaded a supported build — `.apk` or `.ipa`, up to 100 MB (App Scanner).

## SAST isn't picking up repositories

* **Provider connected:** Confirm your GitHub, GitLab, or Bitbucket connection is active under **Code Security → SAST → Integrations** (use **Test**).
* **Repositories synced:** Use **Sync** to refresh the repository list, then start a scan from the Repositories or Scans tab.

***

<Tip>
  Still stuck? Contact your Osto representative at [connect@osto.one](mailto:connect@osto.one) or post in your shared support channel.
</Tip>
