308 Redirect loop when using CF Proxy on recently parked domain.
For a while I had my domain parked with a page rule that did a 308 to a different site and had a CNAME. Now I'm wanting to use this domain, I've converted the CNAME to an A record and deleted the redirect rule. When the proxy is ON I am stuck in a redirect rule, when the proxy is off the site behaves as expected. Any suggestions on where I should look to fix this? Thank you!
6 Replies
Things I've checked: SSL/TLS is flexible, HSTS is off, Authenticated origin is off, page rules are empty. Any help would be appreciated.
change ssl/tls -> full (strict)
if that doesn't fix it, share website url or the response headers
Trying it now
Ah fun, the cluster was using an internal cert. Gonna fix that and see if the larger issue is solved.
Cloudflare has free certs up to 15 years long trusted by proxy under ssl/tls -> origin server
Yep, just getting into the k8 now
What bit me is we have certmanager going with our own internal PKI, which shows valid to me 😛
That was in fact the issue! Thank you!
Any idea why the default behaviour is to redirect in on itself like that?
Flexible means http to origin from Cloudflare, your origin responds upgrading to https, Cloudflare helpfully proxies that redirect back to the user and declares its job done. Recycle and repeat