Strategies to Move From a www Subdomain And Use Free TLS Cert

Hello Everyone!

I want to use Cloudflare on a few websites, one of which has a subdomain:

After reading this post, I understand that the free Cloudflare certificates only cover the 1st subdomain, and I’d need to purchase a certificate to get to work.

Instead of paying for the certificate, I’d rather update my subdomain site to I don’t see any way to do this without Cloudflare breaking though.

My problem is that many people have the site in their favorites with the www included ( Even if I update my webserver config to force the URL to, it is going to give them an cipher match error before my webserver can remove the www.

Besides posting a message to my users asking them to update their favorites after I remove the www on the webserver, what are my options? I’ve tried page rules “Forwarding URL,” and that didn’t work either.

Thank you!


Absent a valid SSL certificate anyone who visits a hostname without a valid cert on https is going to get a certificate warning error unfortunately.

Thanks for the response! I set up a test environment here:

You’ll notice that the portal website gives an “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” error.

If you use, then it is able to actually touch the server. I guess what I’ll have to do is update the URL on my webserver (Remove the www), post a message telling people to update their favorites, and THEN enable Cloudflare. I’m sure some people will still not pay attention, but at least I gave it a try. :confused:

Unless you have any other ideas (Besides paying for the cert), I think that is the best plan.


I ended up removing the www from all of my URLs, and posted an announcement on the portal subdomain. It is unfortunate that Cloudflare can’t handle a person typing in www on a subdomain (With the free TLS certificates). Seems really flaky.

Don’t get me wrong, I really love Cloudflare, and appreciate the free option, but I wish it could handle a user’s error by doing a simple redirect or something like that. The user won’t know what they did wrong and would assume that site is down. I tried using page rule redirects, and that did not work.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.