My web server is an AWS EC2 instance behind a network load balancer (ELB). I’m managing my DNS using Cloudflare.
- “Always Use HTTPS” setting turned on.
- The ELB on AWS is configured to listen on port 443 using another wildcard certificate (*.development.mydomain.com), issued by AWS
- The CNAME records on Cloudflare DNS have been updated
The URL I’m trying to reach is a second-level subdomain
- I can reach https://myapp.development.mydomain.com but I get no response when I try to reach http://myapp.development.mydomain.com. With Always Use HTTPS, shouldn’t the http be automatically redirected to https by Cloudflare?
Cloudflare’s diagnostic test “Check if redirecting unencrypted HTTP traffic works” fails with the message “Your request failed because the web server did not respond.”
When I use the https://myapp.development.mydomain.com site and look at the certificate issuer, it is AWS. I would have expected it to be Cloudflare. Am I doing something wrong here?
The Universal certificate is only valid for 1 level of the subdomain. However, I do see a secure icon despite the fact that I have not ordered an Advanced Certificate. Does this mean that I may have a security hole, since the documentation states:
> Universal SSL certificates only support SSL for the root or first-level subdomains such as example.com and www.example.com. To enable SSL support on second, third, and fourth level subdomains such as dev.www.example.com or app3.dev.www.example.com, you can:
Hoping someone can help me address these.