I have a 3rd party database management portal sat behind IIS ARR that can be accessed via a subdomain through cloudflare. The portal itself requires HTTP Basic Auth and handles the negotiation. If I attempt to access the site via Cloudflare with the proxy (Orange Cloud) enabled I get a HTTP 400 response. If I disable the proxy (grey cloud) I am presented with the basic auth dialog in my browser and I can successfully login to the management portal. At this point the browser shows the site as ‘Not Secure’ because my IIS server is presenting the Cloudflare Origin certificate back to the browser.
Everything works fine (except ‘Not Secure’ SSL) until I enable the Cloudflare Proxy
Does Cloudflare (proxy enabled) support this setup?
Do I need to set a page rule up to deal with this on the subdomain?
Anything else Im doing wrong?