Still seeing Cloudflare SSL certs when proxy set to DNS only?

Hi,

Im confused as to what is happening with my current setup. I have a subdomain api2.mydomain.com as a CNAME record that points to my origin server. I have this set to Proxy Status: DNS Only. I have SSL/TLS mode set to full.

However, if I go to this subdomain api2.mydomain.com in my browser, I get a certificate error in Chrome:

NET::ERR_CERT_AUTHORITY_INVALID
Subject: CloudFlare Origin Certificate
Issuer: CloudFlare, Inc.
Expires on: 8 Oct 2033
Current date: 19 Dec 2019
PEM encoded chain:

I was under the impression that with the proxy status set to DNS Only, Cloudflare is only doing the DNS resolution. Can anyone explain why the browser is still seeing a Cloudflare certificate in the chain?

Thanks!

That is correct and you actually dont get a Cloudflare proxy certificate here, but the Cloudflare Origin certificate configured on your own server.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.