We have a few domains already hosted on Cloudflare DNS under the free account and some that were not yet moved onto Cloudflare. One of these domains has a subdomain hosted by a SAAS providerwho includes the Cloudflare WAF as part of their solution under their account. We migrated the domain using the service provider’s cloudflare waf and now their config can’t verify the TXT code. Is this a limitation by design or a bug that support might be able to fix?
Just so I have this correct, you use a SAAS application with a vanity domain like
saas.example.com which is a CNAME for
example.customers.saasprovider.com. At some point, your SaaS provider asked you to create a TXT record in your DNS for
saas.example.com with a random string like
ca3-1234567890abcdef. Everything has worked fine so far, and your SaaS provider has a certificate on their Cloudflare account for
saas.example.com, and is using the SSL for SaaS product from Cloudflare.
You now want to add the entire domain
example.com to Cloudflare.
I don’t understand what you mean by:
Can you explain?
There should be no issue with you having a free account for your domain, while having a CNAME to a SSL for SaaS provider for one or more of your subdomains.
Sorry, my sentences didn’t come out right on that one.
I’m not sure yet what product the SAAS provider is using, but maybe it’s easier to describe with a comparison of before/after:
example.comDNS hosted on 3rd party
- verify txt record in
example.comDNS on 3rd party
saas.example.comrunning through Cloudflare WAF - not configured by us so we have no visibility
example.comDNS hosted in Cloudflare on our account, separate from any config SAAS provider has done
- verify record in DNS on Cloudflare
- saas provider says their config says our site is moved, wants us to verify the txt record exists.
dnschecker.orgquery shows that the txt record is resolving globally with the correct value
Thank you, @jeff121 for closing the loop with Support.
For anyone who comes across this, working with the saas vendor we found the solution.
This vendor ended up standing up a separate account using the standard plan offerings, instead of the SAAS offerings. This caused a conflict when we moved our DNS into cloudflare that we couldn’t have the same TLD in two different accounts.
We merged the configuration into a single account to solve the issue.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.