Still seeing Cloudflare SSL certs when proxy set to DNS only?

ben30 · December 19, 2019, 12:08pm

Hi,

Im confused as to what is happening with my current setup. I have a subdomain api2.mydomain.com as a CNAME record that points to my origin server. I have this set to Proxy Status: DNS Only. I have SSL/TLS mode set to full.

However, if I go to this subdomain api2.mydomain.com in my browser, I get a certificate error in Chrome:

NET::ERR_CERT_AUTHORITY_INVALID
Subject: CloudFlare Origin Certificate
Issuer: CloudFlare, Inc.
Expires on: 8 Oct 2033
Current date: 19 Dec 2019
PEM encoded chain:

I was under the impression that with the proxy status set to DNS Only, Cloudflare is only doing the DNS resolution. Can anyone explain why the browser is still seeing a Cloudflare certificate in the chain?

Thanks!

sandro · December 19, 2019, 12:33pm

That is correct and you actually dont get a Cloudflare proxy certificate here, but the Cloudflare Origin certificate configured on your own server.

system · January 18, 2020, 12:33pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cloudflare SSL Issues Security	4	1929	July 31, 2020
Can't get Cloudflare SSL Origin Cert to work for cPanel service subdomains Security	5	953	May 21, 2023
Cloudflare SSL Cert not being trusted in Cert Chain Security dns , dash-ssl-tls	3	2610	May 2, 2019
SSL certificate works with subdomain host proxy disabled? Security	2	1528	June 20, 2022
Need Help DNS Configuration Doesn't Allow Auto SSL Update DNS & Network	14	3756	July 26, 2020

Still seeing Cloudflare SSL certs when proxy set to DNS only?

Related topics