Issues with .app domain HTTPS (using free Cloudflare Origin Certificate)

My .app domain is returning a 502 error.

I generated a free Origin certificate & key under the SSL/TLS app and assigned it to my domain via cPanel. The certificate has an active status. Its been close to 48hrs since the SSL cert was active and Name Servers changed to the ones issued by Cloudflare

I spoke with the company that I host my domain with (since I was getting a 502 error) and was told everything looks good at their end. So to test, I removed the Cloudflare Name Servers and changed them back to the ones issued by the Hosting company, and the website loads (however, with a “Not Secure” warning). The 502 error occurs only when I use Cloudflare’s Name Servers.

Since .app domains require an SSL cert, I do have to route through Cloudflare.

Always use HTTPS: ON
I also uploaded a .htaccess file to redirect http to https, to the root directory.

Automatic HTTPS Rewrites: ON

If anyone has had similar issues or has a solution to this issue, I’d greatly appreciate your help.


You have several issues:

  1. Your origin server isn’t listening on port 443.
  2. Your origin server is redirecting your root domain to both https and to the www record.
  3. The www record doesn’t point to your origin.
  4. The server it does point to doesn’t listen on port 443 either, hence the 502 error.
  5. Your SSL is currently set to Flexible, once your host has fixed issue #1 you should probably set it to full.
1 Like

This topic was automatically closed after 14 days. New replies are no longer allowed.