Getting www. working on a subdomain without SSL error

#1

Hello Cloudflare Community

We recently started using Cloudflare for the free CDN which has helped loads :slight_smile:

We have two websites under our domain and one of them sits on a subdomain.

Then main website loads fine with and without www which was originally achieved using an A record but during my messing around I have changed this to a CNAME and this still works.

However, the sub domain does not load with the www and this is what I have tried;
-Adding an A record for the www.subdomain which I quickly realised was incorrect so I removed it.
-I’ve added a CNAME record for www.subdomain to point to subdomain.domain.co.uk which from what I can find online is the correct way of doing things however I receive the following error;

This site can’t provide a secure connection

www.subdomain.domain.co.uk uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Unsupported protocol
The client and server don’t support a common SSL protocol version or cipher suite.

Before we started to use cloudflare we added our subdomain to our hosting platform as a site in it’s own right which allowed us to use 2 free SSL certificates, one for each website.

After moving here and starting to use cloudflare’s SSL it seems we may not be able to cover both websites with the SSL and have www CNAMES setup?

I don’t fully understand this, hence the post but if anybody can point me in the right different or help me with any possible solutions it would be greatly appreciated.

Chris

0 Likes

#2

This is too deep a subdomain for the Cloudflare universal SSL, it covers *.example.com but not *.*.example.com, i.e. it covers media.example.com but not www.media.example.com.

You should probably redirect any requests for www.media.hi-impact.co.uk to media.hi-impact.co.uk where the certificate should work fine. The other option is a dedicated certificate which covers this hostname, but the redirect should be fine.

1 Like

#3

Thanks domjh. I’m going to find give that shot with a simple redirect!

Edit: Still trying to set up this redirect using the page rules but not having much look. Is this how it is done within cloudflare?

0 Likes

#4

Are you able to tell me…I see there are two other levels of SSLs that are offered. a $5 and $10 one. would either of these allow me to add the subdomain too that that it covered the www.?

0 Likes

#5

Turns out the redirect won’t work because the SSL error triggers before the redirect.

Looking like a dedicated SSL might the only way I can achieve this.

0 Likes

#7

As the OP noted, if it’s set to :orange:, then it needs Cloudflare SSL.

You can either:

  1. Get that $10 cert with custom hostnames
  2. Set it to :grey: and have your server do the redirect.
1 Like

#8

Thinking sbout it more, Should this not be the case, @sdayman… I have a page rule redirecting www.sub.domain.com to another domain and it works fine with an A record for www.sub, pointing to 192.0.2.1 set to :orange:

Seems to work…

0 Likes

#9

If www.sub.example.com is set to :orange: and you hit it via HTTPS, it needs a valid certificate to respond to the request.

If you find otherwise, let me know and I’ll experiment when I get home.

1 Like

#10

Oh… I see! I had SSL disabled on that subdomain, that makes sense! Hadn’t realised that :slightly_smiling_face:

1 Like

#11

Thanks sdayman and domjh.

You have both helped me get to the bottom of this!

I’m going to explore both options and see which workd best for me!

Thanks again!

2 Likes