Cloudflare Nameserver only for subdomain specified

Hi, I am setting up a subdomain with cloudflare for https to https. I initially set up the A & CName with my registrar Name Cheap for the custom subdomain, but it made the secure subdomain tanya-owens.pixels.com insecure when it pointed to fineart.tanyaowens.com. So, I set up two NS for Cloudflare on Name Cheap and deleted the CName for fineart. And added the fineart CName to Cloudflare and left the A for fineart at Name Cheap because Cloudflare said it was a duplicate. However, fineart.tanyaowens.com is still not secure.

I do not want the root domain proxied by cloudflare just the subdomain fineart. The root domain and other subdomains and eMail are hosted by different hosts. They are secure already. I only need the ssl for fineart.

Should I be doing something differently?
How can I make this work so that fineart.tanyaowens.com has https?

Any site should be working with HTTPS before you add it to Cloudflare. If it’s a custom (sub)domain somewhere, they should be able to provision a certificate for that hostname.

Which subdomain the pixels subdomain tanya-owens dot pixels dot com or the fineart dot tanyaowens dot com subdomain? The pixels.com site is already provisioned. I am just pointing to it. When I check both urls in SSL checker there is a mismatch:
The SSL Checker for fineart.tanyaowens.com - There are 2 issues: 1. Hostname doesn’t match common name or/and SANs & 2. chain issues: the order of certificates is invalid or certificates cannot build certification path.

This is the SSL Checker for tanya-owens.pixels.com - There are no issues
https://decoder.link/sslchecker/tanya-owens.pixels.com/443

Support from the pixels site instructs us to set up a cloudflare account. But that did not resolve the https issue.
I am at a loss as to what I should do next.

This is the root cause. If Pixels is going to let you alias to them, they also need to provide a valid SSL certificate. As I look at the results of that SSL checker, it shows many other custom hostnames. Just not yours.

Thanks. Yeah, I figured something funky was going on. When I look at https://decoder.link/sslchecker/tanya-owens.pixels.com/443 everything is fine. I don’t know why when I followed their steps to point my custom subdomain to this pixels subdomain it resolves differently. I’ve not had this issue with any other subdomain that I have used a custom domain with.

Thanks for your help. I’ll circle back with FAA/Pixels.

1 Like

That’s because they issued an SSL certificate for their “tanya-owens” subdomain, not your “fineart” subdomain under your domain.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.