I have set up my digital ocean hosed website to Cloudflare DNSs. In the Crypto section, I have set up all incoming traffic to be redirected to HTTPS version of the site, as well for SSL to be full strict.
It works for my main domain well, however, it does not work for any subdomain, in which case the page is served just like it is…and not https version.
In addition, I have set up a dedicated A record in DNS section for wildcard subdomain redirection, and I used the Cloudflare API as well to set up SSL Let’s Encrypt certificate (as Cloudflare does not provide free wildcard SSL certificates jet).
I have also tried redirecting through .httacess, however, it seems unaffected or bypassed by Cloudflare settings. All that said, I can get https.sub.mysite.com only if manually enter it in the address bar, however, if I just enter sub.mysite.com it stays unredirected to https.
What have I done wrong?
Appreciate any suggestion.
Wildcards cant be proxied, so you’d have the handle the TLS configuration and redirect on your server.
The cert you see if you manually add HTTPS to the address of the subdomain is your Let’s Encrypt one and not the Cloudflare one.
Yes that is right, the SSL actually work nice when the subdomain url is entered with https:// prefix manually. The issue is when the user enter it without the prefix, eg: sub.bookingsready.com, in which case there is no regular redirection to the https:// version (https://sub.bookingsready.com) as the desired result.
Any ideas ?
Can you please elaborate on this, or share some resources with more information on how that should be done ("for dummies ?
What is unclear about what I wrote? Your DNS records are not proxied and hence hit your server directly, hence any HTTPS redirects have to happen there too.
As I stated in my initial question, I have tried to redirect on the server/hosting side as well through both setting the dns and .htacess there, but with no results. That is why I need some further advice.
I am afraid that question would be beyond this forum’s scope in this case. You’d need to ask it in a forum/group for general server administration.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.