Cloudflare mTLS rule not being applied

I just migrate our services from digitalocean app platform to railway. In digitalocean app platform we had an issue that made impossible to set up mTLS rules for our backend directly from the CF edge. This is from cloudflare's support:
Sorry that I overlooked this earlier, but it seems that the issue we're looking here is due to (OUR DOMAIN) being delegated to DigitalOcean App Platform (DIGITALOCEAN APP PLATFORM DOMAIN) which also using Cloudflare.
In this configuration, DigitalOcean's Cloudflare configuration will be used instead of your domain's.
Sorry that I overlooked this earlier, but it seems that the issue we're looking here is due to (OUR DOMAIN) being delegated to DigitalOcean App Platform (DIGITALOCEAN APP PLATFORM DOMAIN) which also using Cloudflare.
In this configuration, DigitalOcean's Cloudflare configuration will be used instead of your domain's.
Does railway have the same issue? Is there a way to solve it? From my tests the mTLS rule is still not working even under railway but maybe you guys are able to do something about it?
18 Replies
Percy
Percy2y ago
Project ID: a4ade34f-e90e-482a-81c8-bc6be2a6d782
Percy
Percy2y ago
⚠️ experimental feature
Davide
Davide2y ago
a4ade34f-e90e-482a-81c8-bc6be2a6d782
Brody
Brody2y ago
this shouldn't be a problem on railway, railway does not use cloudflare for your services
Davide
Davide2y ago
I guess I'll wait for an answer on CF side then thank you! oh I have another question since I'm here. When I generate a domain for my service, I get a random domain. my-service.up.railway.app If I then add my OWN domain to that service (mydomain.com), it gives me another random domain to CNAME to. Is it the same if I CNAME to the random previous domain (my-service.up.railway.app) instead of the one indicated? Also, is it possible to see it again after closing the modal window?
Brody
Brody2y ago
damn i sure wish i knew the answer to that, i was confused about that myself too, all i can say is use the first domain railway generates for you, the one based on your project name, ive seen people have issues with that random generated one
Davide
Davide2y ago
got it! We're planning on using railway for our startup, which already has quite a bit of traffic. Do you think railway is at a stage where it's stable enough to be used in production?
Brody
Brody2y ago
ill be honest the services are plenty stable, but the databases are not stable
Davide
Davide2y ago
For the databases (for now at least) we're planning on using external services (clickhouse.cloud, planetscale..). We are planning on using railway mostly for the backend and redis, and maybe postgres but for dev environments Our app is full rust so the resource usage is minimal. We won't need to horizontally scale anytime soon, vertically scaling is more than enough for now tho it would be cool to have HA with a failover server railway, not scaleway sorry lol typo
Brody
Brody2y ago
you had me there
Brody
Brody2y ago
Davide
Davide2y ago
ive been trying and using so many services lately my brain can't take it anymore hopefully railway will fit our needs, so far ive been very happy with it
Brody
Brody2y ago
and railway is working on a database systems overhall, so stable databases at some point, and they are also working on horizontal scaling and regions, so good stuff is coming
Davide
Davide2y ago
is there a very rough eta on that? like, is it planned on happening this year or next one?
Brody
Brody2y ago
the database stuff, no, they want to take their time and do it right. multi-region this year according to what ive heard, but im unsure of exact timelines for anything
Davide
Davide2y ago
what about horizontal scaling?
Brody
Brody2y ago
in the works, no eta for that though sorry i cant give better timelines, only the team knows that stuff
Davide
Davide2y ago
makes sense Alright, I'll wait for a response from CF about the mTLS issue and let you know if I can find a fix
Want results from more Discord servers?
Add your server