To use mailgun it is suggested to add a subdomain for the emails (so I could use my base domain) so I get mail.example.com, now when I add tracking in mailgun it becomes email.mail.example.com.
Now I get a bad SSL certificate, “SSL_ERROR_BAD_CERT_DOMAIN”.
I suspect it happens because Cloudflare doesn’t wildcard second sub domains (email.mail…)
Is there any way I can solve this?
That record should probably be set to 
DNS Only.
1 Like
Yeah I set it to that, it still doesn’t work. I’m pretty sure it is because the certificate doesn’t work on *.*.mydomain.com
and only on *.mydomain.com
Origins should always use valid SSL certificates. It looks like this one doesn’t, and you’ll have to ask them to fix that.
My cname of email.mail.mydomain.com points to mailgun.com, so the cert isn’t handled by cf?
Is there anything else I need to do in CF other than removing the proxy?
Is there anything else I need to do in CF other than removing the proxy? (like page rule or something?)
Just that. Everthing else is up to Mailgun. Unless they tell you to set a different DNS record.
Mailgun replied this:
Thank you for contacting Mailgun support. Since your tracking domain is a 2nd level subdomain you’d need to contact CF to set up that SSL certificate as noted in the article. You could use the root domain to make the tracking domain a 1st level subdomain and that should work if you would like to avoid contacting CF.
Please let us know if you have any additional questions.
Can CF solve this for me?
Not safely. If Mailgun can’t provide SSL for that hostname, it will be insecure at the origin. I strongly suggest that you not use a second level domain for tracking. Bump it up to a standard subdomain and it should work better.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.