I'm trying to wrap my head around how SSL for SaaS is supposed to work... Trying to set up Cloudflare (with SSL for SaaS) in front of an AKS cluster. I have a main domain, app.mydomain.com that customers in my SaaS platform can use. They can also setup their own vanity domains, like app.customerdomain.com, and use that instead. I've got the current setup: - Partial CNAME setup in Cloudflare for mydomain.com - CNAME record in AWS for app.mydomain.com -> app.mydomain.com.cdn.cloudflare.net - CNAME record in Cloudflare for app.mydomain.com -> myakscluster.cloudapp.azure.com - CNAME record in AWS for app.customerdomain.com -> app.mydomain.com (vanity url for customers) - Fallback Origin in Cloudflare set to app.mydomain.com - Custom Hostname in Cloudflare for app.customerdomain.com - Generated a Cloudflare CA cert for *.mydomain.com and using that in the AKS cluster app.mydomain.com is working, but app.customerdomain.com is giving a "526 Invalid SSL certificate". I'm guessing that is because the cert in AKS is generated for *.mydomain.com, but I'm not allowed to generate a cert for app.customerdomain.com (since it's not part of the Cloudflare setup). What are my options? Do I have to use Full ("not strict") SSL mode, or what is the recommeneded way of solving this issue?`Preformatted text`
Looks like I accidentally put all of it in a blockquote… And I guess there’s no edit button? Well, hope you can read it anyway
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.