SSL certificate not working on subdomain

Hi guys,

web is http2://

I have Universal Cloudflare Certificate for *,, but the subdomain seems to not be working - as it’s still displaying expired Let’s Encrypt certificate from my hosting servers.

I added dev2 to my DNS records on Cloudflare, but it did nothing. Even tho Diagnostics show The hostname has no DS records.

So now I’m lost at what to do next. Any help is appreciated. Thank you.

I don’t see option to edit the post anywhere, so I’m just gonna reply to correct the web address

It’s of course

Works for me.

curl -Iv
*   Trying
* Connected to ( port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=*
*  start date: Jun  7 20:30:29 2021 GMT
*  expire date: Sep  5 20:30:29 2021 GMT
*  subjectAltName: host "" matched cert's "*"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fd9ce808800)
> Host:
> User-Agent: curl/7.64.1
> Accept: */*
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
HTTP/2 200
AS      | IP               | AS Name
13335   |     | CLOUDFLARENET, US
1 Like

You should fix that ASAP.

Oh, so now it works… Okay, thank you. Now I just need to resolve the origin Let’s Encrypt and switch to Full Strict

Thanks. I finally found a way to do it with my hosting provider.

All looks well now. Thanks guys

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.