Can't use AWS certificate manager with cloudflare

We are trying to add SSL to an elastic beanstalk endpoint for a subdomain of a domain with DNS on cloudflare, but we can’t get it verified.

It’s stuck in “pending validation”

we’ve confirmed the same settings/process works on google domains, but does not work on cloudflare

When looking at the NSlookup, the CNAME records look different from google’s.

You need to have SSL on your server first. Cloudflare won’t help here.

@sandro I think it’s because the CNAME we’re adding to cloudflare is “proxied” so amazon can’t see it?

Im looking at your other answer here:

The issue is cloudflare isn’t letting me add a CNAME record that isn’t proxied…

Does it currently work on HTTPS?

Does what currently work on HTTPS?

  • I have a elastic beanstalk server with an aws generated HTTP
  • I need to give it a custom domain with HTTPS
  • To do this, I need to use AWS cert manager
  • The cert manager wants me to confirm I own the domain, but adding a CNAME RECORD
  • Once I do that, I can create an HTTPS domain with cert manager, and apply it to the application load balancer

At least that’s my understanding. We have been able to do this with google domains… but not cloudflare

AWS can’t read the CNAME record. I’m guessing it’s because like you said in the other thread, it wont read it if the CNAME is proxie-- it needs to be “dns only”

The issue is I see no option to add a CNAME and make it DNS only

Your site, your server. That’s what I meant before, you need to configure that for HTTPS first.

I found how to change proxie to DNS only!

its bad UX but if you click the cloud, it’s actually a button that will show a dropdown.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.