We run a Shopify store. Customers can access fine but gives users an ERR_CERT_COMMON_NAME_INVALID error message.

We’ve followed the Cloudflare/Shopify tutorial pretty closely but we selected Flexible instead of Full (Strict).

I’m just really confused how any of this is supposed to work. The www domain uses the * certificate; but how can that certificate work with the www domain? The Shopify certificate SAN does not list the www domain either (but this is probably expected).

The non-www domain works fine because it uses our own certificate. How are these certificates configured for each domain? Is it on Route 53/Cloudflare/Shopify?

PS: Had to replace the sites with the www domain/non-www domain due to the new user posting rule.

Looks like Cloudflare is not involved whatsoever here (other than DNS). It’s likely Shopify just forgot or misconfigured it to where a Let’s Encrypt certificate wasn’t provisioned for the www.

If you’d like to redirect all www to non-www, you can turn on proxying for the www subdomain (click the grey cloud to turn it orange) then set up a page rule that targets* and set the rule to “forwarding url” → 302 →$1.
If you want both to work, or only www to work, you would need to take this up with Shopify.
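
The browser raises ERR_CERT_COMMON_NAME_INVALID when no subjectAltName entry in the served certificate covers the hostname that was requested. The following is an added example, not part of the original posts, showing that name check in simplified form; `store.example`, `platform.example` and the SAN lists are constructed placeholders, not the real domains or certificates from this thread.

```python
# Simplified dNSName matching in the style of RFC 6125, as applied by browsers.
# All hostnames and SAN lists here are constructed for illustration.

def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if a single SAN entry covers the hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if p_labels[0] != "*":
        # No wildcard: the name must match exactly.
        return p_labels == h_labels
    # A wildcard stands for exactly one left-most label, so it never covers
    # the bare parent domain or a deeper subdomain. Wildcards directly under
    # a top-level label are rejected (simplification: real browsers consult
    # the public suffix list).
    if len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]

def covered(hostname: str, sans: list[str]) -> bool:
    """True if any SAN entry in the certificate covers the hostname."""
    return any(san_matches(s, hostname) for s in sans)

def diagnose(hostnames: list[str], sans: list[str]) -> dict[str, str]:
    """Map each hostname to the outcome of the browser's name check."""
    return {
        h: "ok" if covered(h, sans) else "ERR_CERT_COMMON_NAME_INVALID"
        for h in hostnames
    }

# Constructed certificates: one issued only for the apex domain, and a
# platform-wide wildcard that belongs to a different domain entirely.
APEX_ONLY_SANS = ["store.example"]
PLATFORM_WILDCARD_SANS = ["*.platform.example", "platform.example"]

if __name__ == "__main__":
    names = ["store.example", "www.store.example"]
    print("apex-only cert:   ", diagnose(names, APEX_ONLY_SANS))
    print("platform wildcard:", diagnose(names, PLATFORM_WILDCARD_SANS))
```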

