Does SSL for a subdomain require a paid plan?

Website, Application, Performance Security
1

Summary: I have a free Cloudflare account and am trying to set it up with domain.com and store.domain.com. I installed the Cloudflare origin certificate on the origin server. What I find is that this works for the root domain. However, when I navigate to the subdomain, I get “Error 526: Invalid SSL certificate.” Is this because a paid account is required for the subdomain?

NOTE: Due to Cloudflare stating that “new members cannot post more than 2 links” (which I was not doing - please fix this), I use the term “domain” to refer to the root domain. And I use the word “store” to refer to the subdomain.

More details: I added the A records for both domain and store in the DNS area of Cloudflare. I then created an origin SSL certificate and installed it on the origin server. Initially, I created one that only included *.domain and domain. (In my thinking, *.domain should cover store.) However, since I got the invalid SSL error, I revoked that and created a new certificate that includes *.domain, domain, and store. I then installed this on the origin server. I still get the same result.

Now I did all of this probably within the span of 30 minutes. Is there perhaps a wait time?

2

No, you wouldn’t need to pay anything to get this to work.

The wildcard cert would have been enough. But ‘store’ also works, though not as good an option as ‘*’.

As for the 526 error, it could be that the origin isn’t yet properly configured, or need the server process to be restarted/reloaded to pick up the new cert.

3

Hmm, thank you. It looks like there might be a problem because we’re using a custom domain name with Storenvy (basically a marketplace to sell things like Etsy). This is implemented by having the A record for store go to Storenvy’s IP address.

Just to test this out, I created a new subdomain, “test”, and added it to the Cloudflare DNS records. This works correctly, so it must have something to do with using Storenvy. Thanks for your help; I did not think to try this out until I read your reply.

1 Like
4

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.