Can't configure Let's Encrypt with Cloudflare subdomain

I have a WordPress website hosted by HostGator and I want a subdomain of it to redirect to my application server. The problem is that after adding the subdomain (type “A”) in the DNS list I get a 521 error. After reading the troubleshooting docs, the probable cause is the SSL config, since the server is bare NGINX + Node.js hello world without SSL config, and typing its IP in the browser it answers. The Cloudflare troubleshooting docs say to configure a CA origin and I would need to pay annually to DigiCert, but I want it free using Let’s Encrypt. I couldn’t configure Let’s Encrypt; it returns this error (I faked the address for this post):

   Domain: www.aaa.bbb.ccc
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for www.aaa.bbb.ccc -
   check that a DNS record exists for this domain; DNS problem:
   NXDOMAIN looking up AAAA for www.aaa.bbb.ccc - check that a DNS
   record exists for this domain

says that hostgator gives free SSL certificates for wordpress customers,

do you have a wordpress package or do you have a server that you can connect to via terminal / ssh?

That’s a good start. How about http://www.aaa.bbb.ccc in your browser, does that work?

I have both. An institutional site, using WordPress/HostGator (SSL working OK - the bbb.ccc), and an AWS server that I want to add SSL to (URL: aaa.bbb.ccc).

No, I get the 521 error.

@contact.prali

Did you troubleshoot using this #CommunityTip?

None of these solutions seems to be related to the problem. The webserver is up, since when typing the IP of my application (the Elastic IP from AWS) in the browser it works. I set up ports 443 and 80 as allowed both in AWS security groups and on my server (using ufw), and I didn’t block any IP.

The webserver responding on the IP is a good start, but it also needs to be correctly configured to respond to the hostname.

One way to test is to set that hostname to DNS only, wait 5 minutes, then see if the hostname works. If not, the problem is on your webserver (as Cloudflare is no longer involved). If the hostname still works then it could be something in the Cloudflare configuration (or it could still be the other issues listed in the link above such as the webserver refusing connections from Cloudflare).
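
As an added example (not part of any post in this thread): a preflight that checks each hostname has an A/AAAA record before a certificate is requested for it, since the error quoted in the question is an NXDOMAIN for the `www.` name, and that reports whether a name resolves straight to the origin as in the DNS-only test. The function names, the sample zone and the IP addresses are constructed for illustration.

```python
import socket

def resolve(name):
    """Live lookup: A/AAAA addresses for name, or [] if none can be found."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:  # NXDOMAIN, no data, or a resolver failure
        return []
    return sorted({info[4][0] for info in infos})

def preflight(names, origin_ip, resolver=resolve):
    """Classify every hostname that is about to go into a certificate request."""
    report = {}
    for name in names:
        addrs = resolver(name)
        if not addrs:
            # The CA's own lookup would fail the same way (NXDOMAIN).
            report[name] = "no-record"
        elif origin_ip in addrs:
            # Resolves straight to the origin: the DNS-only state.
            report[name] = "dns-only"
        else:
            # Proxied, or pointing at a different host altogether.
            report[name] = "elsewhere"
    return report

def missing_records(report):
    """Names that need a DNS record created before validation can succeed."""
    return [name for name, status in report.items() if status == "no-record"]

# Constructed sample zone (documentation-range IPs), standing in for live DNS:
# an A record exists for aaa.bbb.ccc but not for the www. name.
SAMPLE_ZONE = {"aaa.bbb.ccc": ["203.0.113.10"], "bbb.ccc": ["198.51.100.7"]}

def sample_resolver(name):
    return SAMPLE_ZONE.get(name, [])

if __name__ == "__main__":
    wanted = ["aaa.bbb.ccc", "www.aaa.bbb.ccc", "bbb.ccc"]
    report = preflight(wanted, "203.0.113.10", sample_resolver)
    for name, status in report.items():
        print(f"{name:18} {status}")
    print("add DNS records first for:", missing_records(report))
```

Calling `preflight(names, origin_ip)` without the third argument uses the live resolver instead of the sample zone.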