Issue with domain ownership validation of AWS Certificate Manager

I requested certificate with multiple domains:
example.net
*.example.net
*.alpha.example.net
*.dev.example.net
*.qc.example.net
*.uat.example.net

I created all necessary CNAME records in Cloudflare and set them to DNS Only
But a day later only example.net and *.example.net were verified.

Maybe Cloudflare has some issues with subdomains of 3 level and above?

For DNS only there is no issue with multiple levels.

Did you create records for *.subdomain.example.com, or for subdomain.example.com?

no, I assumed that to verify I should just create a suggested by AWS CM CName record.

But when I’m trying to create a record like *.subdomain.example.com cloudflare doesn’t allow to proxy it and switches to DNS Only.
Does it mean that I won’t be able to use Cloudflare features like DDoS mitigation if domain will be resolved by the record with wildcard?

Correct. Only the Enterprise plan allows for proxying wildcard records, on all other plans you need to manually create the needed records to proxy.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.