Hi there i tried follow the tutorial for ( SSL/TLS not working on subdomain ) but still not working
Main domain is working fine
www.marketinginstitute.com but courses.marketinginstitute.com
And the ssl is set to be full ssl ,but subdomain will not work on the full ssl
it will work only on flexible and if i turned the flexible on the main domain will not work
so one will work and other will not ,is there a way to set different ssl for the subdomains?
Possibly related to:
Please note, this tutorial post contains links to external sites. I am not endorsing any external links.
This tutorial post covers the first steps you should take if SSL is working on your main domain, but not on a subdomain.
1. Is there a DNS record for it?
Check the DNS app in your Cloudflare dashboard to see if there is a DNS record there for that subdomain.
2. Check that the DNS record is working correctly
You can use a tool such as
https://dnschecker.org, enter the subdomain.domain.com …
This tutorial covers a possible reason for the SSL_ERROR_NO_CYPHER_OVERLAP and ERR_SSL_VERSION_OR_CIPHER_MISMATCH errors (Firefox and Chrome respectively) when seen on a subdomain.
The Cloudflare universal certificates cover example.com and *.example.com. This means that it covers any subdomain one level below the domain you signed up with.
It will cover www.example.com and subdomain.example.com, as these are one level below the root domain, example.com.
The certificate will not cover www.sub…
May I ask what SSL option you have got selected under the
SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
There seems to be an issue with the SSL certificate at your origin host / server.
Before moving to Cloudflare, was your Website working over HTTPS connection?
If so, did you have a valid SSL certificate installed at your origin host / server which covers both your naked (root) domain and any other needed sub-domain like www, mail, etc.?
Could you please re-check if all including the naked domain, www, mail, and your sub-domain (possibly some more) are covered by your SSL certificate and the one installed at your origin host is still valid?
Here is a way to re-check if you correctly setup the SSL for your domain with Cloudflare:
This tutorial covers getting SSL working with Cloudflare in various different scenarios.
This assumes you already have your website set up on Cloudflare with all your DNS records set to
, if not - please visit Step 1.
Do you want the website to use HTTPS?
YesDo you already have a valid SSL certificate installed on your server (i.e. does it already load over HTTPS with a )?
If your website already works over HTTPS, you can just set your SSL mode in Cloudflare to Full (strict)…
Nevertheless, for proper security and HTTPS connection between the user-Cloudflare-origin the SSL option in the Cloudflare dashboard should be set to
Full (Strict) SSL:
Unencrypted & unverified connections
Imagine you open Paypal and suddenly get that warning
Would you continue? Probably not. For decades leaders in IT security have advocated that people upgrade their sites from unencrypted HTTP to secure HTTPS. And for a reason, everything you send via an HTTP connection is sent in plain text and can be intercepted at any point between you and the server.
Equally, you’d probably not proceed if you got such a warning, right?
That’s when th…
Well, it could be achieved by
using Page Rules:
If you require a different SSL mode for a subdomain, you can achieve this with page rules.
If, for example, you want SSL on your root domain (cloudflareexample.cf) set to Full (strict), but want the subdomain subdomain.cloudflareexample.cf to have SSL Off, you should set the SSL mode under SSL/TLS in your Cloudflare dashboard to Full (strict). You can then set the subdomain SSL mode to Off via a page rule.
SSL mode Full (strict):
Page rule to set subdomain SSL to ‘Off’
Flexible SSL is really not recommended and not secure as far as there are known issues with it:
The connection between your visitor and Cloudflare is secured, but the connection between Cloudflare and your server is not. You will not need a certificate on your server for this mode. This option is NOT RECOMMENDED.
Flexible makes your site only partially secure - it encrypts the connection between the visitor and Cloudflare - this means they see the
in their browser and the site leaves the impression to be secure! However the connection between Cloudflare and your origin se…
In case you do not have an SSL certificate, you can use Cloudflare SSL, if so, kindly make sure you follow the instructions as follows on the below article to setup an SSL certificate using Cloudflare Origin CA Certificate:
Maybe you need to renew your SSL certificate at the origin host / server, if using Let’s Encrypt or AutoSSL (cPanel), etc.
Hi there my current SSL is set to be FULL
Here is the page rule that was given to me from the learning platform where i should be using flexible and point to
not it works fine but only on flexible,what page rule i should do so it work on full SSL
Should be set to Full (strict). Kindly, re-read my first post.
Here is the page rule
I would remove this Page Rule.
I linked the tutorial for “Setting SSL/TLS Mode using Page Rules.” in my first post too in case if needed.
Generally, I would
correct my SSL settings and make sure it’s set to
Full (Strict) for both my naked domain, my www and my sub-domains and make sure to have the SSL certificate installed at my origin host / server which covers all the needed.
Therefore, no need to use a custom
Page Rule for a different SSL mode (unsecure!?) for my sub-domain, which makes my sub-domain even
Otherwise, you have issues.
Kindly, consider below cite:
Hi there Fritex
Some steps worked
I did convert it to strict and primary domain
www.marketinginstitute.com worked fine and i added page rule for ssl for subdomain as flexible yet this time it seem opening but a blank page only appear
attaching also video recording
Okay, from now on we could have issues we might not be able to resolve then as it seems so from below as you make it so:
What does the Developer Console (F12) in your Web browser say, if any error?
Or, rather that’s comming from the origin host / server itself, like some PHP, etc.
Or even it’s the Website builder which you are using?
You might also need to contact the hosting/service provider to resolve it. Maybe there is some SSL options in their interface to re-check too.
What happens when you temporary Pause Cloudflare for your site? Does it work then over HTTPS or not?
should we more page rule to fix the issue or no need
526 error for the resources.
mixed content and redireciton loops.
There is also WebSockets
wss:// usage, and you have Flexible, which “seems” to be on HTTPS (WSS) while actually “working” over HTTP (WS) - mixed.
May also ask is the
WebSockets option enabled at Cloudflare dashboard for your domain
under the Network tab → WebSockets option ?
Does your app work over an supported and compatible port with the Cloudflare proxied (
Ports list compatible and supported when using
cloud (proxy mode) on Cloudflare can be found here:
That’s really not good.
Still not working when turned off
Hi i turned off the websocet same issue,the app is not mine it is for
gurucan.com i am using their platform (DNS
wondering what can we tweak to have it workv
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.