Issues with adding a domain that is on the PSL

Hi, I own the domain cat.ax, and am having trouble adding the domain to Cloudflare. When attempting to add the site, I get the error “We were unable to identify cat.ax as a registered domain. Please ensure you are providing the root domain and not any subdomains (e.g., example.com, not subdomain.example.com)”.

I’ve followed the standard troubleshooting steps on this page already, the domain does appear to have NS records set, currently I have them pointed to digitalocean nameservers.

I believe Cloudflare is refusing to let me add this domain as it is an unusual case as it is on the public suffix list. Is there any way I can add my domain to Cloudflare anyways? How do I get in contact with support?

Yes, cat.ax has been listed as public SLD since 2020 - Add Voxel.sh DNS public suffixes by miyuuli · Pull Request #1014 · publicsuffix/list · GitHub

You’ll only be able to add a sub-domain of cat.ax but not the domain itself.

If you own that domain you’ll first need to get it off PSL. You need to follow through on Submit amendments to the Public Suffix List

2 Likes

Get it removed from the PSL is the correct way. Is there a reason the domain is on the PSL? I recall this being discussed previously, and I think you cannot have a certificate issued for a domain that is on the list.

I would like the domain to remain on the PSL as I will allow people to host content on subdomains of my domain.

Then you won’t be able to add the SLD itself. Under an Enterprise plan you might be able to do so, but that’s something you will need to clarify with sales.

You should be able to add “www” as sub-domain of it.

You could also try adding this hostname to an existing account using SSL for SaaS. (I have not tested this workaround.)

Effectively in this care you are asking Cloudflare to host DNS for a TLD unless you just wanted Cloudflare to proxy web requests for specific sites in a CNAME setup while you continue to host DNS elsewhere.

Which scenario are you trying to achieve.

Even a CNAME setup should not work here, as the OP won’t be able to add the SLD in the first place.

I’d imagine only with

Perhaps not through the UI, but that’s hardly the only process available hence my request for clarification. :wink:

How would you do it apart from the UI? :wink:

I am not sure Cloudflare would jump through hoops if it wasn’t on an Enterprise plan (after all, it’s not a .gov domain :wink:) and that would mean you couldn’t turn on the CNAME setup in the first place.

Of course, if we consider other options, it will be perfectly possible to add an SLD, but then it would be equally possible to add a TLD :slight_smile:

nslookup -type=ns com a.root-servers.net
Server:  UnKnown
Address:  198.41.0.4

com     nameserver = jack.ns.cloudflare.com
com     nameserver = jill.ns.cloudflare.com

Adam Sandler would certainly approve.

Why would you ask a magician to reveal their secrets?

It would be wouldn’t it? :face_with_monocle:

Let’s wait on a response from OP before we start solution design. :slight_smile:

I’ve always like Val Valentino better than David Copperfield :wink:

Well, he wants to have the cake and eat it :slight_smile:

If he wants to keep the domain as SLD, he can only either add www or go Enterprise. I am sure Cloudflare will accomodate that on Enterprise :slight_smile:

Never underestimate the universe of the possible or assume that the offerings of Cloudflare are limited to the things they put on their blog and marketing sites.

An Enterprise plan may be the answer, but Cloudflare is like the coyote from Native American mythology.

Now you just sound like the Boob Lady. Not saying that Cloudflare won’t drop these restrictions at some point, only that it’s currently not possible.

I would like them to host DNS for the TLD (cat.ax). I don’t see why it matters that it is on the PSL.

Because of what I already mentioned a week ago. If a domain is listed there it cannot be added. We are really only rehasing at this point and I’d suggest you check out the first response :wink:

If the Enterprise plan is an option, contact sales and they might just accomodate that.

That seems unlikely.

In this case, it may be that the TLD is so small that it wouldn’t be difficult to manage if Cloudflare were to decide to do so, but would one really expect that the operator of .com could drop their TLD onto Cloudflare without some kind of planning and coordination?

In this case at a minimum Cloudflare would need to be able to ensure that nay child domains using the service weren’t negatively impacted by the nameserver pair assigned to the parent.

Is there no way to get the issue escalated and contact tech support without being on an enterprise plan? The domain is low traffic and there will likely just be a single wildcard A record (*.cat.ax). The reason for me wanting it to remain on PSL is that users will be able to host content on subdomains of their choosing on it, and I would like to keep security features that being on the PSL offers, such as cookie scoping.

I’m not sure what you expect support to do. As has already been said several times, the only way you could add this to Cloudflare is with an Enterprise plan.