The hostname is using Cloudflare and cannot be activated with an TXT or HTTP validation token.
Hi all,
I'm in the process of onboarding one of our customers to the SaaS zone using an apex domain. The verification step has completed successfully, but we're running into an issue when setting the CNAME on the customer's domain to point to the SaaS zone.
Initially, we get a DNS error, followed by this message:
"The hostname is using Cloudflare and cannot be activated with a TXT or HTTP validation token. To activate the custom hostname, the DNS target needs to point to the SaaS zone."The customer is using Cloudflare for CNAME flattening at the apex level. I have a few questions I’m hoping someone can clarify: Are there any additional settings we need to be aware of when working with Cloudflare in this configuration? Should the CNAME record be set to DNS only or Proxied? Is this type of configuration even possible with an apex domain? If not, would requesting a dedicated SaaS IP address for customers using apex domains be a better approach? Any insights or tips would be greatly appreciated!
1 Reply
Hi,
I do recommend you to set the CNAME to only dns, otherwise your waf rules and any other settings won't apply to theirs domain.
Also so far I am aware there are only two methods for verify, txt or http. I do use http validation and have no issue wtih it at all.
I do actually having issue with this , ppl are setting proxy for the cname, and whenever there is ddos, my waf rules does not apply.
#Custom Hostname Proxy Issue