Please note, this tutorial post contains links to external sites. I am not endorsing any external links.
This tutorial post covers the first steps you should take if SSL is working on your main domain, but not on a subdomain.
1. Is there a DNS record for it?
Check the DNS tab of your cloudflare dashboard to see if there is a DNS record there for that subdomain.
2. Check that the DNS record is working correctly
You can use a tool such as https://www.ultratools.com/tools/dnsLookup, enter the
subdomain.domain.com that should be working and check that DNS records are found for it.
3. Check that the subdomain is not too deep
Cloudflare universal certs cover
*.yourdomain.com, this means they can cover
sub.domain.com, but can’t cover
sub.sub.domain.com. If you need a subdomain that isn’t covered by the universal cert, you will need to purchase a dedicated certificate.
There is now a specific tutorial on this: Subdomain too deep
4. Check that the DNS record is set to
In the DNS tab of your Cloudflare dashboard, check that the DNS record for your subdomain is set to , not .
5. Check that HTTPS doesn’t work
If you manually enter
https://sub.domain.com, does it load with the Cloudflare certificate? If so, you are probably not forcing HTTPS, enable ‘Always use HTTPS’ in the crypto tab of your Cloudflare dashboard.
6. Do you see a certificate from your server?
If you see a cert from your server rather than from Cloudflare, you may be bypassing CF and connecting straight to the server. You can also check for Cloudflare headers in dev tools. If you are not going through Cloudflare, this may be a local caching issue.
If you still need further help, please post the outcomes of these steps and your domain and subdomain and the community can try and help