I keep getting ERR_SSL_VERSION_OR_CIPHER_MISMATCH when trying to redirect it, even with a page rule. I have my SSL settings as full strict.
As long as you are on HTTP that is no problem. Considering that you are talking about HTTPS however, no there isnt. Cloudflare only supports free Universal certificates one level down from the registered domain. You will need a paid upgrade in this case or bypass Cloudflare and go straight to your server with a regular certificate.
Cloudflare’s free universal SSL certificate covers example.com and *.example.com. It’s not possible to issue a certificate which covers ..example.com so a dedicated certificate is required to cover *.foo.example.com.
When a user’s browser connects to a website over https the SSL handshake is the first thing that happens (before any redirection has the option to kick in… that ensures the server doing the redirection is the ‘right one’ based on the SSL handshake). So absent a dedicated SSL cert that redirection can’t happen for https as @sandro mentioned.
I’d pay for the certificate if it was reasonable…but $5/month for a certificate? Too expensive and overpriced for me… with letsencrypt certificates are free now…
Same with page rules, I need just 1 more page rule, but I would have to pay for 4 more rules I’d not need. I’d pay 1 dolar for 1 page rule no problem, but paying $5 and using just 1 is not worth it.
The real question is why I can’t do redirects using DNS like other registrars can?
I guess I’m not familiar with that process/ feature. Can you provide an example?
How can you redirect via DNS?
But that isn’t redirect using DNS, it’s simply a different UI for implementing a webserver returning a redirect at the DNS connection. It’s basically a bit like bit.ly or similar.
Cloudflare sticks more to the spec for DNS splitting it from the actual webserver stuff.
If you put in anything there and there check for the record you will see exactly what I mean. It’s going to their server and then returning a 301/302 to the URL you put there.
What about this?
Same exact thing. There are no possible ways to do a redirect using only DNS. It’s not contemplated in the spec.
Ok thanks. I wish the certificate or page rules were more reasonable then…but thanks.
The certificate is as large as it can be. You can’t issue a double wildcard domain for all subdomains of any possible subdomain of a domain (e.g.
*.*.example.com), they would have to issue a certificate for every possible subdomain which are infinite making it impossible. As far as page rules you can buy additional, you can implement your own redirect in Workers, use a third party service for redirection…
This topic was automatically closed after 31 days. New replies are no longer allowed.