Setup SSL/TLS on a subset of subdomains?


How I set the SSL/TLS to Flexible only on a subset of my subdomains?

DNS: Proxied (or not) + Flexible SSL/TLS

DNS: DNS Only (if the server has an ssl for it good, if not, also good)

If you’re only proxying a subset that will be flexible, there isn’t much more to it, the non-proxied ones bypass Cloudflare anyway.

Beyond that, you can use page rules to change flexible/full/strict.


So if I understand correctly, only the DNS records that do not bypass cloudflare (orange DNS) can use the cloud flare SSL/TLS, correct?

Problem is, if I set the SSL/TLS to Flexible, it also seems to apply to the subdomains bypassed by cloud flare…

Is that a DNS replication issue or something?

You shouldn’t be using Flexible in the first place. With that setting your site is still insecure.

You should only use Full strict.

The flexible SSLs is for html only sites

It is not important what you serve. If you do not have a certificate on your server your site cannot be secure by definition. You need “Full strict”.

This topic was automatically closed after 30 days. New replies are no longer allowed.