Still seeing Cloudflare SSL certs when proxy set to DNS only?


Im confused as to what is happening with my current setup. I have a subdomain as a CNAME record that points to my origin server. I have this set to Proxy Status: DNS Only. I have SSL/TLS mode set to full.

However, if I go to this subdomain in my browser, I get a certificate error in Chrome:

Subject: CloudFlare Origin Certificate
Issuer: CloudFlare, Inc.
Expires on: 8 Oct 2033
Current date: 19 Dec 2019
PEM encoded chain:

I was under the impression that with the proxy status set to DNS Only, cloudflare is only doing the DNS resolution. Can anyone explain why the browser is still seeing a cloudflare certificate in the chain?


That is correct and you actually dont get a Cloudflare proxy certificate here, but the Cloudflare Origin certificate configured on your own server.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.