Error 525 with Gsuite custom URLs

rogerberkley · April 27, 2020, 12:47am

Hello,

Gsuite allows an admin to set custom URLs to apps. That means, instead of having my organization’s email at mail.google.com/companyname I can set it to mail.companyname.com

Setting up a custom URL in Gsuite dashboard instructs that new CNAME records are required in DNS settings at the domain host.

Once CNAMEs are set up correctly, and they are, then the subdomain should be live.

I’m getting an Error 525 from Cloudflare when I load the new URL.

Cloudflare support page says to contact the host (i.e. Google) to make sure there’s an active SSL certificate in place.

Google says to contact Cloudflare…

Right now I have an open ticket with Gsuite customer support, and I’m looking for some information from Cloudflare community or support team.

How to resolve Error 525

Judge · April 27, 2020, 1:26am

GSuite custom URLs only work with Cloudflare (proxied) when loaded via Google’s servers over http, ie. when both the browser and Cloudflare connect over non-SSL connection. This requires the url be http:// as well as your zone not having “always use HTTPS” turned on. If either of these are false Cloudflare will error.

Note that GSuite’s custom URLs don’t do anything other than provide a convenient redirect to a page that limits the account switcher to emails on your domain.

Since it’s just a redirect, my solution is to leave the “Custom URLs” part of the admin console at their default values, and either have a page rule or Cloudflare Worker active on that subdomain to perform the redirect.

A worker for that would look like this:

let to_url = "https://mail.google.com/a/EXAMPLE.COM";
addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})
async function handleRequest(request) {
  return new Response('', {status: 301, headers: {'location': to_url}})
}

(create the worker, save and deploy, then add a route on your zone with the route set to mail.example.com. Also make sure a DNS record exists for the subdomain mail as an A record with the value set to 192.0.2.1)

rogerberkley · April 27, 2020, 1:44am

That’s a big compromise to make, not an option.

Yes, agreed.

Awesome, this works. Thanks.

system · May 27, 2020, 1:44am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using "mail.mydomain.com" to access Gmail with Cloudflare Getting Started dash-ssl-tls , dash-errors , dash-troubleshooting	7	3369	July 5, 2019
Subdomain for hosted google mail DNS & Network dash-ssl-tls	3	5338	June 18, 2021
Ghs.googlehosted.com CNAME not working on DNSSEC Enabled DNS & Network	7	7447	January 16, 2020
G Suite and custom URLs via CNAME and DNS DNS & Network dns , dash-ssl-tls	15	3777	January 4, 2019
I have no idea what to do about it DNS & Network	5	2230	November 20, 2020

Error 525 with Gsuite custom URLs

Related topics