Problems setting up https on subdomain

Hi! I am new to cloudflare, i’m attempting to expose a service in GKE (Google Kubernetes Engine) so i create a Load Balancer and set up an A record in cloudflare to point a first level subdomain to my LoadBalancer’s IP. The A record works on HTTP but I can’t seem to make it work over HTTPS and my application does require the security.

Currently i have my SSL/TLS set to Full, i’ve disabled forced https and checked my universal certificate a million times, could someone help?

Was this working with HTTPS before you added the subdomain to Cloudflare?

Can’t say it was since moving the DNS to cloudflare. It used to work back in AWS. I’ve tried most everything i’ve found. If there’s more relevant info i can provide you with i’d be happy to, i’m a bit lost :frowning:

For now, set that hostname to :grey: DNS Only. It takes up to five minutes to take effect. Then make sure it’s working with HTTPS. Once that’s all set, make sure you SSL/TLS mode here is set to Full (Strict) and re-enable the :orange: Proxy.

Right away! My SSL/TLS has been set to full this whole time. I’m setting the subdomain to :grey: DNS Only and waiting to see what happens. Does my GKE instance need to have an SSL certificate on it? I thought Cloudflare’s DNS would take care of it…

You said your application requires the security of HTTPS. SSL at the origin is required for that security.


Taking it from where we were yesterday, i installed a Certificate of Origin i generated on Cloudflare into my GKE LoadBalancer, with the A record set to :grey:. It now does work on https, kinda…

Should i try turning proxy on?

You probably let your browser accept an unfamiliar certificate. If you :orange: Proxy that record, Cloudflare will accept that origin certificate in Full (Strict) SSL mode.


All i had to do was request an Origin Certificate in cloudflare and install it in my GKE LoadBalancer, your advice helped me get there so i’m marking this comment as “solution”, many many thanks friend, hats off to you!


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.