I have the domain [mydomain.com]* (This is just an example) configured in Cloudflare.
The SSL/TLS is configured to: Full (Strict)
I want to point a subdomain called [custom.mydomain.com]* to a partner subdomain ([custom.partnerdomain.com]* - This is also just an example of name) via CNAME as requested by the partner:
My new CNAME DNS record is like:
[custom.mydomain.com]* >>>>> CNAME >>>> [custom.partnerdomain.com]*
Note that the partner subdomain [custom . partnerdomain . com] works in https.
When I visit [https://custom.mydomain.com] it gives me a warning that the website is not secure.
Is there a way to get this scenario working and have[https://custom.mydomain.com] working for users visiting this url?
Added spaces because I could not create the post (more than two links!?)
The should be technically possible without issues. I assume the partner domain is not on Cloudflare, right? Is that record on your side proxied or not? You’ll probably have to configure the webserver to accept your domain as well however.
Alright. Yes, that record is unproxied and a regular CNAME pointing to the configured host. As I mentioned before you will need to configure the target host properly, so that requests for your domain a correctly accepted/handled. That also includes a valid certificate for your domain on that server.
It doesnt have to. That particular target host is not on Cloudflare, so you can easily proxy it, but that wont change the fact that you will need to configure the target server properly. What you could avoid in this case is the necessity to also configure a certificate for your domain on their server, as the target host’s certificate will be accepted in this case as well.
This is interesting. Just to make things clear for me and to summarize for me and other people having the same issue: We have two options (Correct me if I am wrong):
Condition: Target host is not on Cloudflare.
Option 1:
CNAME record on Cloudflare: Not Proxied
Configure the target server properly.
The necessity to also configure a certificate for your domain on their server.