Issues with Proxy and CNAME Records

I recently migrated to Cloudflare and am having an issue I could use some help understanding with DNS Proxy. I have an A entry with several CNAMEs pointing to that A entry for different applications that we are running behind a reverse proxy. I have DNS proxy on for the A entry which works fine however whenever i try to turn on DNS Proxy for a CNAME routing seems to fail on that record and never reaches our host.

Hi @EverDreamNetworks,

I need more information to properly investigate, so if you have any specific error or screenshot that you can include, that will be very helpful (just be careful with sensitive information).
However, from your account, I can see that your A record points to a subdomain and according to our documentation:

Universal SSL certificates only support SSL for the root or first-level subdomains such as and

At this point it all looks good, you can see more information here:

Since your CNAME records are pointing to a subdomain already, that makes all the CNAME records a second-level subdomain, and following with the documentation above:

To enable SSL support on second, third, and fourth-level subdomains such as or , you can:

This means that SSL is not covering any of your CNAME records, that is why when you proxy them, you could be experiencing errors.
With the information I have, I suggest starting with any of the 2 options mentioned before. If you still have problems, please feel free to share them here.

Hi Ipedroza

I’m only trying to obscure my host IP, not apply an SSL Certificate. I have a SSL cert managed and applied on my reverse proxy that the A entry is pointing towards. When I enable DNS Proxy on the CNAME Entry I receive a 522 Error. This does not happen when I disable DNS Proxy on the CNAME or if I use an A entry instead of a CNAME.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.