I purchased both the domain name and SSL from GoDaddy and have properly setup. Recently I change to Cloudflare’s DNS to take advantage of the CDN. So certainly I must turn on the proxy on Cloudflare. When I was trying to verify a domain in order to provide Apple Pay on my website, it showed the error message:
“Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used.”
Then I turned off the proxy on Cloudflare and verified again, it was successful. Although the status is now “verified” I’m afraid that if I turn on the proxy again will result in failure when paying via Apple Pay on my website.
What could I do if I hope to provide Apple Pay on my website and also hope to use Cloudflare’s proxy?
Hi - i am also trying to fix this problem - i read on a forum here that you had to buy a dedicated SSL certificate for $10/mon now which i did, but verification is still failed as I’m not sure how to set up the cipher suites to mach up. did you have to do that as well?
I guess you refer to this topic this topic. I was not sure how it could be done after changing to the $10/mon pro plan so I had not taken action accordingly. Besides I reviewed the pro plan, but I did not see anything relating to cipher included in the additional features (maybe it does include that feature but just not highlighted). I raised this topic in order to make sure that there is a solution for Apple Pay and CF’s proxy to be compatible. If not, I will consider not to continue adding Apple Pay to my website for now.
Thank you for joining this discussion, hope we can find the solution soon.
Hi thanks for your response, yes i saw in that thread and a previous one of someone who had just bought the pro SSL certificate and it worked fine for them. Could you link back to here if you get a response on it? thanks
Certainly I will get back here if I find the solution or workaround. I am considering to file a support ticket about this issue, but not sure whether it is helpful. You can do the same too and, since you have the pro plan, you may expect to get a quick response. I do not know yet how to file a ticket but I find it is instructed here.
Hi,
I checked the SSL grade via Qualys SSL Labs, and the result is “Grade B”, and that is what CF’s free plan provides. I read in other forum that it is required to have Grade A+ to us Apple Pay on Web, but I am not sure if that is true since I did not see this prerequisite in Apple’s official document. However it might be helpful to test the grade of the pro plan SSL if you’ve got one.
Hi,
two weeks ago I raised the question about Apple Pay domain verification. Now I have the payment feature implemented successfully on our website and it works. The most important thing to share is that you have to turn off the CF’s proxy while doing domain verification on apple developer’s back stage. But then you can turn CF’s proxy back on, Apple pay can work normally through CF’s proxy.
Just to share the result I found, however I do not understand the detailed mechanism. Hope this helps those who have the same concern.