Flexible SSL redirect loop with Google Firebase

Hey I have a subdomain I want to point to my google firebase app which uses google’s firebase ip’s. They require the subdomain have an A record set to their ips.

I have flexible ssl set up on the parent domain like so:

with parent domain rules:

And I get a redirect loop when I visit the url. Additionally, in the Google Firebase console it says that my domain is verified (as I have done with a txt record check) but it cannot be connected. More specifically, it says ‘unable to load domains’.

I have tried disabling these rules one by one and in combination and deleting the cache but so far no success.

I have set up Firebase apps with custom domains before, just not using Cloudflare. Any insights on how to circumvent the redirect loop are appreciated. Thanks.

I should add as well, that during the setup Google issues its own ssl cert on a per-app basis on their end.

It seems that redirect loop often happen when Flexible SSL is used and the origin is set to redirect HTTP to HTTPS.

If you read the above support page, they said that you’ll need to disable redirects at the origin. But, Firebase requires SSL to be used at all time, so I don’t think you can disable the redirect.

So, I would recommend switching to Full SSL Mode since Google issues a certificate for your site.


Thank-you @tanto259 for your suggestion. For others with the same issue using the above page rules with ssl set to ‘full’ makes Cloudflare to play nice with firebase hosting.


If I set SSL to “full” and redirect rewrites from “http” to “https” as well, I will not to use Firebase certificate? 0.o

I’m not familiar with firebase, but if it has its own SSL certificate, then that’s great! You will have an end-to-end secure connection.

Sorry, I’m late to answer.

Using Cloudflare - “Page Rules” option

If I set SSL to “full” and enable Automatic HTTPS rewrites from “http” to “https” as well, I’m not using firebase certificate to my own domain because in this case it was setted my own domain in firebase as well (and my own domain is using SSL)

I think what @sdayman was referring to is, that you support encryption from firebase to Cloudflare to your webserver and vice-versa (if I understand it correctly).
Either way, it is up to you which certificate you use, both are currently trustworthy(-ish).