Michael,
I appreciate the clarification and the help. I am changing my rule from *subdomain.domain.com to just https://subdomain.domain.com. The idea was to try to catch both HTTP and HTTPS requests, but I can see now that I made things worse by trying to do that.
With that said, the rule set up this way should work, correct?
Edit: I changed the rule and it is still throwing a 522. Any other ideas? Thank you.