CNAME/A Record for Subdomain Resolving to Unknown IP
Hi, I am not sure what is causing this. Everything was setup and working for months now, but all the sudden when I go to my subdomain, I get a Error Code 526 Invalid SSL certificate.
Bluehost has a valid certificate, however when I go to SSL/TLS status, for my subdomain it shows error "The domain support.mydomain.com resolved to an IP address 104.21.xx.xxx that does not exist on this server". This IP seems to be Cloudflare's.
I have an A record pointing to bluehost's server IP. Why is it resolving to Cloudflare's IP? It was working fine for months up until now.
14 Replies
Why is it resolving to Cloudflare's IP?Because you have proxy enabled on the record
Error Code 526 Invalid SSL certificate.This means the cert its serving it, isn't valid. If you don't want/need proxy benefits (caching, waf, etc), disabling proxy would show the actual cert from your origin and help you directly fix it as well
Thanks for your response. I had tried disabling Proxy, waited an hour and this still did not resolve the issue. Is there another step I should take after disabling proxy?
Also, I previously had proxy enabled, and it was not an issue before.
From that screenshot, you disabled proxy on
www.support, and you're visiting supportHi. Even if I visit support.mydomain.com, i still get same error. I don't know why we have a TXT record for www.support anyways. So maybe I can delete it and just use the CNAME. I will see if this works. I have reached out to Zoho as well as my webhost and everyone is saying it is an issue with DNS. So I just want to know what do I need to do to fix?
No, I was saying to disable proxy on support.mydomain.com to remove CF from the equation
Ok I will try this again. Last time I did this, it did not work!
This is what happens when I disable proxy from support.mydomain
cool, so you can see the issue is your origin. Click on not secure and see the certificate they're serving. If you contact their support now, they can no longer blame Cloudflare for being in the middle either
Ok. So I contact bluehost? They are the ones that issue the certificates. Sorry for all the questions, I am really new to this stuff.
Yes. If you can share the URL I could try to see any more info about it, but with just the information given so far, I would contact them and say the certificate for your website is invalid and gives an error, and go from there
Ok, if they still can't resolve I'll share domain with you, I don't mind. Thank you for your time ❤️