Why does the SSL protocol of the host not work after enabling free domain name resolution and CDN?
This is because Cloudflare's free version only provides wildcard certificates for the main domain and first level subdomains (such as example. com and *. example. com), and does not support second or multiple level subdomains. If the subdomain you bind is not within the scope of the certificate, SSL is not supported or the certificate is incorrect.
What are the SSL certificate restrictions for Cloudflare's free version?
The certificate coverage provided by the free version is limited
example.com
*. example.com
Test.sub.exe. com (Second level or multi-level subdomains are not supported)
If the accessed subdomain exceeds the scope of the certificate, it will report that the certificate is untrusted/SSL is not supported.
Why does the host still encounter errors when accessing subdomains even though SSL is enabled?
Because Cloudflare replaces its own certificate in proxy mode. If the subdomain does not have a matching Cloudflare certificate, the certificate will become invalid, even if your host itself has SSL.
What are the current solutions?
Solution: Turn off Cloudflare's CDN proxy and allow the domain to directly connect to the host, or use other CDN services that support SSL. In this case, you can use the host's own configured SSL certificate.
- 0 Users Found This Useful
