I’m having issues with some subdomains forcing HTTPS even when they don’t have or need a certificate. The strange thing is this is only happening on a few domains, but works perfectly on most of them even when the settings are identical as far as I can tell.
Specifically I set up a subdomain as an alias of sendgrid.net to allow link tracking. Sendgrid rewrites the url’s in the emails to point to that subdomain and then redirects the user to the actual url. This Sendgrid server supports HTTP only.
For most domains when I click on a link in an email to the links.domainname.com it redirects me to the actual url with no problems. For a few domains it redirects to HTTPS which then causes a “Your connection is not private NET::ERR_CERT_COMMON_NAME_INVALID” error in Chrome. I don’t think this is happening on Sendgrid’s servers, so it must be Cloudflare.
I am using Cloudflare only for CNAME flattening and managing DNS entries so nearly everything is disabled or left at default settings. Traffic is not routed through Cloudflare on any subdomains. SSL is set to flexible and all certificates are installed directly on the various servers we use.
Any ideas what I should check and what the difference might be that causes some domains to work fine and some don’t? Thank you!