Im confused as to what is happening with my current setup. I have a subdomain api2.mydomain.com as a CNAME record that points to my origin server. I have this set to Proxy Status: DNS Only. I have SSL/TLS mode set to full.
However, if I go to this subdomain api2.mydomain.com in my browser, I get a certificate error in Chrome:
NET::ERR_CERT_AUTHORITY_INVALID Subject: CloudFlare Origin Certificate Issuer: CloudFlare, Inc. Expires on: 8 Oct 2033 Current date: 19 Dec 2019 PEM encoded chain:
I was under the impression that with the proxy status set to DNS Only, cloudflare is only doing the DNS resolution. Can anyone explain why the browser is still seeing a cloudflare certificate in the chain?