Domain Forwarding Issue


I have two domains (DNS in Cloudflare) . One is a primary website xyz dot com hosted in GoDaddy servers. The secondary domain abc dot com (DNS in Cloudflare) and do not have any servers or website.

I’ve forwarded my second domain to primary domain xyz dot com using page rules.

However, I’ve come across an issue with the ‘https request’ . Upon visiting secondary domain it throws error - This site can’t provide a secure connection.

But with http request, the site forwards to primary domain.

How do I fix this?

Can you provide the 2 domain names?

If they aren’t proxied by Cloudflare then the page rules won’t do anything and if the DNS for points at, the message probably means the origin certificate doesn’t cover But could be a mix of things so the domain names would help narrow it down.

Primary Domain - scalans dot com
Secondary Domain - scalanlabs dot com

Assuming you have the usual setup, you can try to turn off Universal SSL for, wait a while, then turn it back on again.

Certificates were issued for the domain but Cloudflare isn’t responding with one. Turning it off and on again may fix it.

Ok. I have turned off the SSL

Do note that SSL, Client, Edge or Origin Certificates are not created for secondary domain as I do not have hosting for second domain.

No, don’t turn it off there, that needs to be set to Full (strict).

You need to turn it off and on here… “disable universal ssl”

1 Like

Made it FullStrict and Disabled Universal SSL as well.

Issue persists with https request but works with http request .

Now re-enable the universal SSL.

1 Like

Re-enabled. Appears to have the issue. Can you check once please?

I’m not getting any answers to a query for that hostname.

That is strange. mxtoolbox shows records

It’s resolving for me, but not on any of the usual resolvers. Looks like a DNSSEC issue. Whois shows domain was updated yesterday.

@iSaacm, did you change your nameservers yesterday? You may need to turn off DNSSEC at Godaddy.

dig @

; <<>> DiG 9.18.19 <<>> @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1232
; EDE: 9 (DNSKEY Missing): (no SEP matching the DS found for
;			IN	A

;; Query time: 9 msec
;; WHEN: Mon Nov 13 15:54:51 UTC 2023
;; MSG SIZE  rcvd: 97

That it does.

Or turn it on at Cloudflare and update the values at GoDaddy to match those provided by Cloudflare.

The DNS was moved from GoDaddy to CLoudflare yesterday.

I have enabled DNSSEC in Cloudflare and added the DS records on GoDaddy.

Should I wait for sometime to reflect all the changes I’ve made in last couple of hours.?

1 Like

You are looking good on the DNSViz results, the Google dig tool, and the DNS Hero app on my mobile. Anywhere else that wasn’t resolving earlier should be soon if not already.

Guess it’s all set.

Thank you so much for your assistance.

1 Like