Err_name_not_resolved for subdomain

Hi,

I am really lost in SSL and DNS Settings.

Currently I am using DNS Services from Cloudflare for my domain ortega-it.com
Everything seems to be working well, however I created a subdomain that is pointing to my local network.

DDNS is working fine, the A record is updated with the correct IP - and the IP itself is reachable.

However I now created an origin certificate that I also deployed to my local server and turned on Full(Strict) SSL Encryption mode, Universal SSL as well as , always redirect to HTTPS.

The universal cert is pointing to *.ortega-it.com, ortega-it.com
The origin cert is pointing to the subdomain only, since I have a bought one for the ortega-it domain.

The main domain is answering and working, but the subdomain returns a timeout on my local network - and an err_name_not_resolved error using the global network.

What am I doing wrong :frowning:
I tried all kind of possibilities and the only one working was to turn off the cloudflare proxy for this domain.

nslookup displays the same address results as for the main domain.

Help…

Did your site work fine on HTTPS before you added it to Cloudflare?

1 Like

Hi yea if i turn off cloudflare proxy (dns only = true) for this subdomain, it works.

Then ssl is showing “Cloudflare Origin Certificate is not trusted” , but the page appears.
(NET::ERR_CERT_AUTHORITY_INVALID)

but that makes sense to me, because the origin certificate must be only known between cloudflare and my server I guess…

That’s right, an Origin certificate will only be trusted by Cloudflare, but if you have an Origin certificate installed and your encryption mode is Full Strict, you should be actually good to go.

The domain seems to load.

sitemeer.com/#https://www.ortega-it.com/

There’s a 404, but that’s coming from the server. The DNS records themselves appear to be configured correctly.

I found the issue…

My subdomain was redirecting for https to a different port - and guess what, its not in the allowed list:
https://developers.cloudflare.com/fundamentals/get-started/network-ports

Now its working… Thanks for investing time with me…

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.