Hide real IP address behind CF proxy but provide TLS verification

We have set up a load balancing origin pool. I’ve enabled health monitoring for this and the Origin CF certificate is installed on the host. I’ve currently turned off “Don’t verify SSL/TLS certificates (insecure)” because we’re reaching our Origin server via our public IP address and not an FQDN to our CF domain. What I’m seeing as a catch-22 is that we want to hide our real IP address with CF proxy on the DNS A record but at the same time provide a secure way to use the health check (TLS verified). Right now, if I turn on proxy on the DNS A record, the check will fail because it only reaches CF IP addresses, not our real server. If I turn off proxying, then we’re exposing our public IP address. Is there a right way to make this work, or is using our public IP address on the health check the only way to do this?

