2 months ago
Hello, I'm trying to connect a custom domain hosted on Cloudflare.
Currently, my backend has the following configurations:
Within "api.alquiclean.com" it indicates:
In Cloudflare, I have:
SSL Full strict
Domain config:
- Type: CNAME
- Name: api
- Proxy: DNS only
- TTL: auto
I need help because when I access the following URL, I get an HTTPS error: https://api.alquiclean.com/api/health
1 Replies
2 months ago
Unfortunately, we can't have full strict mode (Cloudflare) enabled because it breaks the http challenge.
Internet -> Cloudflare -> Railway
If Cloudflare is in the middle here and strict mode is enabled, it requires TLS to Railway. This is an issue when performing ACME challenges since the HTTP request to verify you own a domain at your webserver will be over an unencrypted channel due to not having a certificate yet..
In other words, need cert for strict mode. can't make cert without a single unencrypted request to make cert.
Reference:
Additionally, your TXT verification record (_railway-verify.api) is missing from Cloudflare DNS, which is required for ownership verification. You need to add that TXT record with the value shown in the Railway dashboard before the certificate can be issued.
Status changed to Awaiting User Response Railway • about 2 months ago
Status changed to Solved mayumana22 • about 2 months ago