Third Partied Hosted site --> access via subdomain

Website, Application, Performance Security
1

Hello,

I have my wordpress site hosted on a VPS with SSL activated via letsencrypt.
I have partnered with a third party (kowledgebase.ai) who basically provides us with a service (host a database of Q&As that our customers may want to look at before asking help from our support). Essentially, they give us an opportunity of selected a subdomain of our choice and point it to their servers.

For example:

Webpage: aisg.help.kb will be masked with support.solarsecuritysys.com
When people access support.solarsecuritysys.com they would actually see the page aisg.help.kb

I have setup a CNAME record on my DNS which points to aisg.help.kb but having the Cloudflare DNS is giving me issuesd. I get error: 525.

Any help will be greatly appreciated.

2

That makes me think that they don’t have a valid certificate for your subdomain assigned to that aisg server. Some hosts do this, but others may force you to set SSL to Full (not strict).

Did you configure their service to let your specific “support” subdomain CNAME to them?

3

You are more than likely correct. I do not thing they have SSL for a subdomain.
See the attached pic of the ONLY thing I was able to pull out from their docs!

So how can I accomplish this. I have Vultr with nginx as the server setup.

Screen Shot 2020-04-05 at 2.28.56 PM
Screen Shot 2020-04-05 at 2.28.56 PM827Ă—924 94.6 KB

4

Try this:

5

Did you mean set SSL to full on cloudflare? If yes, then I actually have it at Full. Still no luck.

6

Yes, I meant Full (not strict).

solarsecuritysys doesn’t seem to be using Cloudflare now. It’s using Vultr name servers.

And support.solarsecuritysysCOM immediately returns a 400 error from Cloudfront.

7

yes. I have removed from Cloudflare now and trying to see if just running it on my VPS will solve.
I think the issue might also be other than the SSL.

Don’t have much experience in nginx but I wonder if i need to add any server blocks for the subdomain that points to third party domain

8

A CNAME isn’t even going to reach your server.

Their instructions say your CNAME should point to public.kb.help, so I don’t know where that SUB.help.kb comes from.

9

I am guessing they meant to say to replace the “public”.help.kb with what they assigned you with.

In my case that would be
https://aisg.kb.help → works if i hit this in the browser
then I get my own url for the above related to my domain

support.solarsecuritysys.com which points to aisg.kb.help in my DNS setting as a CNAME.

I doubt I need to add anything to my nginx server config as the subdomain never touches my server.
I guess i need to proxy pass the subdomain to aisg.kb.help somehow …

10

I’m just going by what they tell you to do, which is what other services do. A common subdomain that you point your CNAME at.

11

so further trying this out …

Removed all Cloudflare CDN (temporary)
CNAME on my DNS
support points to aisg.kb.help
nothing added in my nginx config

Now i get
**support.solarsecuritysys.com** sent an invalid response. ERR_SSL_PROTOCOL_ERROR

Which is more than likely a sign that there is no SSL Certificate set for the subdomain (support.solarsecuritysys.com) ?

12

I suggest you get it working before you move it back to Cloudflare.

1 Like
13

This topic was automatically closed after 30 days. New replies are no longer allowed.