Can't Disable SSL on Sub Domain

Hi, i have setup a CNAME entry “DNS only” but when i get preview i get security error for example check this link http://1ef6fa-572e6.preview.reck.app browser automatically change http to https, note that i have disabled force https and also i tried to setup rule *.preview.reck.app/* SSL: Off but no use … can anyone tell me how to fix this issue … in short i don’t want to use SSL on whatever.preview.reck.app hope you get my point.

I am on team ‘Encrypt All The Things’, so it safe to assume my recomendation is to enable SSL support that origin. That said, you are going to need to disable HSTS on your subdomains, and wait for it to age out.

From the message displayed by the browser when visiting the URL you shared:

You cannot visit 1ef6fa-572e6.preview.reck.app right now because the website uses HSTS

Thanks for your reply but HSTS is already disabled on the domain and i never enabled before …

You may not have HSTS enabled in Cloudflare, but the domain definitely has HSTS enabled.

1ef6fa-572e6.preview.reck.app, preview.reck.app and reck.app are currently preloaded. That means they are on the list of sites that are hardcoded into Chrome as being HTTPS only.

https://hstspreload.org/?domain=preview.reck.app

Even if you are able to update the HSTS preload status of the domain, it will still take time to reach the browsers. Your best move is going to be to put a valid cert for your hostname on that server and kick the plain HTTP to the curb.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.