a subdomain of my original website has a SSL error: the protocol works but the common name is incorrect.
Without Cloudflare I can also visit the sub website bypassing the SSL error.
When I enable Cloudflare fot that subdomain, I receive an error telling me the server (my website) and client (Cloudflare proxy) don’t agree with each other.
The likely issue is that the domain is a second subdomain, eg sub2.sub1.example.com. The SSL certificate only matches *.example.com, and a second subdomain would require a certificate matching *.*.example.com, something Cloudflare doesn’t provide. Let us know if this isn’t the issue.
Make sure your DNS entry for your domain name or the subdomain www is orange cloud in the dashboard. This will serve files with Cloudflare’s SSL certificate. Then make sure the SSL setting in the SSL/TLS app is set to “flexible”, this will contact the origin server over HTTP (non-SSL) but serve files to the visitor as HTTPS.
I use Cloudflare only for a third-level domain, because I can’t edit the NS of the second-level domain.
So I create a subdomain on my website and assigned it to Cloudflare.
Now I can use Cloudflare only for a third-level domain, and here I have problems with the SSL certificate.
In http mode (not ssl) it works fine, but in ssl mode there is the problem.
The subdomain is http://dist.sharecontacts.org/
In http mode it works, in https mode I get an error, and in SSL/TLS settings I’ve turned off the ssl mode.
I’ve already written that the second-level domain isn’t assigned to Cloudflare, but I’ve assigned the third-level.
I can’t edit the authoritarian NS of the second-level domain.
Here you can see how the DNS query for the third-level domain is assigned to Cloudflare.
Are you sure the domain is properly set up with Cloudflare in the first place? Can you post a screenshot of the overview screen showing your domain’s status?
As you can see, I can’t assign the second-level domain to Cloudflare, but I assigned only the dist subdomain, and about DNS, it works.
The problem is on my origin, the certificate doesn’t authenticate the subdomain “dist”, and I can do anything.
I’ve turned off the ssl, but the https -> http redirect doesn’t work.
Let me try to retrace what you - presumably - did.
You created a Cloudflare zone for sharecontacts[dot]org but, not being under your control, did not actually change the nameservers and hence did not fully activate it. Then you created a dist host and proxy it through Cloudflare to the actual server?
Is that correct? If it is, it would be a somewhat peculiar setup and I’d assume the certificate would not work because your domain never validated within Cloudflare.
In short, I am afraid but I guess that setup wont be possible.
I have another domain hosted on Cloudflare, and this is hosted correctly.
As you can see https://www.scitcdn.ga/ is correctly visitable without SSL errors.
But yet, on the origin server, the certificate is headed to another domain, and I have not problems.
This is the SSL/TLS app on Cloudflare: