Different SSL certificate for not proxied subdomain

I use full encryption mode for main domain and two subdomains (cert was generated in CF for main domain and two subdomains - not wildcard). No I’d like to serve subdomain with different cert (from server) bypassing CF proxy (grey icon). On server subdomain is configured with correct cert. Whenever I try reach this third not proxied subdomain I see SSL error related to main domain cert from CF

NET::ERR_CERT_AUTHORITY_INVALID

Url - https://testproxy.actionintegration.net/

On the server everything is configured correctly. It looks like CF still do proxy even though it’s turned off i panel.

Any suggestions?

Best regards

That subdomain is using a Cloudlfare Origin Certificate. When you use these, that hostname needs to be proxied by Cloudflare, as it’s not a publicly recognized certificate.

Is there any way to serve not proxied subdomain (with proxied www and other subdomains) via https?

There sure is. Put a valid certificate on your server for that subdomain.

We misunderstood each other. I meant I put on the server certificate different than CF for that not proxied subdomain (let’s encrypt) but it still is related to CF one

I solved the problem. CF origin cerificate still persisted on my server even after deletion in mmc -> certs.

cmd -> netsh http show sslcert
showed that removed CF cert was still bound to public IP and port 443.

cmd -> netsh http delete sslcert ipport=

Solved the problem and now not proxied sub domain has https configured on server

This topic was automatically closed after 30 days. New replies are no longer allowed.