Native Certificate vs Advanced Certificate

Hello There, I need help understanding how cloudflare differentiate certificates. We have a native type certificate for our main domain (and its wildcard) and a advanced type certificate for various sub domains and wildcards (including lots of “two level” subdomains like,, etc).

For our main certificate (native) I can “get it valid” on AWS ACM (using the request and inputting the generated cname on cloudflare), but for the certificate on subdomains (advanced) it won’t get validated on AWS, doing the exact same process, is there some kind of limitation on this certificate “type”?


Both certificates are pretty much the same. They specify the hostnames they’re valid for, either a specific hostname (,, or a subdomain wildcard (*, *

You may run them through SSL Server Test (Powered by Qualys SSL Labs) for a closer look.

This post was flagged by the community and is temporarily hidden.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.