Error 502 When Accessing Origin via Public Hostname Tunnel

I have a web portal I’m attempting to move behind Access using a public hostname tunnel. The tunnel is setup and the corresponding CNAME record has been created in our domain’s DNS. When I attempt to access the portal I get “Error 502 Bad Gateway”. We are using a non CF SSL wildcard cert on the origin. Our SSL/TLS encryption mode is set to Full on our domain. What am I missing?

I resolved this issue by enabling “No TLS Verify” on the public hostname page of the tunnel under “Additional applications settings” | “TLS”.

Thank you eric … I have been struggling with this for a week or more. Knew how to do it via CLI, but that introduced additional issues! Knew there had to be a way via the UI, but couldn’t find where it was located. Found it after reading this post thru the Public Hostname Edit/additional Application Settings!
Thx again for pointing me in. the right direction