Domain Forwarding Issue

Hi,

I have two domains (DNS in Cloudflare). One is a primary website, xyz dot com, hosted on GoDaddy servers. The secondary domain, abc dot com (DNS in Cloudflare), does not have any servers or a website.

I’ve forwarded my second domain to primary domain xyz dot com using page rules.

However, I’ve come across an issue with the ‘https request’. Upon visiting the secondary domain it throws an error - This site can’t provide a secure connection.

But with http request, the site forwards to primary domain.

How do I fix this?

Can you provide the 2 domain names?

If they aren’t proxied by Cloudflare then the page rules won’t do anything and if the DNS for abc.com points at xyz.com, the message probably means the origin certificate doesn’t cover xyz.com. But could be a mix of things so the domain names would help narrow it down.

Primary Domain - scalans dot com
Secondary Domain - scalanlabs dot com

Assuming you have the usual setup, you can try to turn off Universal SSL for scalanlabs.com, wait a while, then turn it back on again.

Certificates were issued for the domain but Cloudflare isn’t responding with one. Turning it off and on again may fix it.

Ok. I have turned off the SSL.

Do note that SSL, Client, Edge or Origin Certificates are not created for secondary domain as I do not have hosting for second domain.

No, don’t turn it off there, that needs to be set to Full (strict).

You need to turn it off and on here… “disable universal ssl”

https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/edge-certificates


Made it Full (strict) and disabled Universal SSL as well.

Issue persists with https request but works with http request.

Now re-enable the universal SSL.


Re-enabled. Appears to have the issue. Can you check once please?

I’m not getting any answers to a query for that hostname.

https://toolbox.googleapps.com/apps/dig/#A/scalanlabs.com

That is strange. mxtoolbox shows records.

It’s resolving for me, but not on any of the usual resolvers. Looks like a DNSSEC issue. Whois shows domain was updated yesterday.

@iSaacm, did you change your nameservers yesterday? You may need to turn off DNSSEC at GoDaddy.

dig scalanlabs.com @1.1.1.1

; <<>> DiG 9.18.19 <<>> scalanlabs.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 9 (DNSKEY Missing): (no SEP matching the DS found for scalanlabs.com.)
;; QUESTION SECTION:
;scalanlabs.com.			IN	A

;; Query time: 9 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Mon Nov 13 15:54:51 UTC 2023
;; MSG SIZE  rcvd: 97

That it does.

https://dnsviz.net/d/scalanlabs.com/dnssec/

Or turn it on at Cloudflare and update the values at GoDaddy to match those provided by Cloudflare.
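
The failure in the dig output above (a DS record at the registrar with no matching DNSKEY in the zone) can be reproduced offline. The following is an added example, not part of the thread: the key bytes are constructed, example.com is a placeholder zone, and the function names are hypothetical.

```python
import hashlib
import struct

HASHES = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}  # DS digest types

def name_to_wire(name):
    """Canonical (lowercase) wire form of the owner name hashed into a DS."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, protocol, algorithm, pubkey):
    """DNSKEY RDATA: flags (2 bytes), protocol, algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + pubkey

def key_tag(rdata):
    """Key tag checksum from RFC 4034 Appendix B."""
    acc = 0
    for i, b in enumerate(rdata):
        acc += b if i & 1 else b << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def make_ds(owner, rdata, digest_type=2):
    """DS fields (key tag, algorithm, digest type, hex digest) for a DNSKEY."""
    digest = HASHES[digest_type](name_to_wire(owner) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], digest_type, digest)

def check_delegation(owner, ds_set, dnskeys):
    """Check only the DS-to-DNSKEY link; RRSIGs are not verified here."""
    if not ds_set:
        return "insecure"  # no DS at the parent: zone resolves as unsigned
    zone_keys = [k for k in dnskeys if k[0] & 0x01]  # Zone Key flag (0x0100)
    for tag, alg, dtype, digest in ds_set:
        if dtype not in HASHES:
            continue  # digest type this sketch does not implement
        for key in zone_keys:
            if make_ds(owner, key, dtype) == (tag, alg, dtype, digest.upper()):
                return "ds-match"
    return "bogus"  # DS present but no matching DNSKEY: resolvers SERVFAIL

# Constructed sample keys (not real zone data): the key the old DNS host
# published, and the key the new DNS host publishes after DNSSEC is enabled.
OLD_KEY = dnskey_rdata(257, 3, 13, bytes(range(64)))
NEW_KEY = dnskey_rdata(257, 3, 13, bytes(range(64, 128)))

if __name__ == "__main__":
    zone = "example.com"
    stale = [make_ds(zone, OLD_KEY)]
    print("stale DS, zone unsigned :", check_delegation(zone, stale, []))
    print("DS removed at registrar :", check_delegation(zone, [], []))
    print("DS updated to new key   :",
          check_delegation(zone, [make_ds(zone, NEW_KEY)], [NEW_KEY]))
```

The three printed cases correspond to the state after the nameserver move, to turning DNSSEC off at the registrar, and to enabling DNSSEC at the new DNS host and publishing its DS values.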

The DNS was moved from GoDaddy to Cloudflare yesterday.

I have enabled DNSSEC in Cloudflare and added the DS records on GoDaddy.

Should I wait for some time for all the changes I’ve made in the last couple of hours to be reflected?


You are looking good on the DNSViz results, the Google dig tool, and the DNS Hero app on my mobile. Anywhere else that wasn’t resolving earlier should be soon if not already.

Guess it’s all set.

Thank you so much for your assistance.
