R2 custom domain intermittently returns ERR_CERT_AUTHORITY_INVALID
📙DNS🔐SSL/TLS
Hi, we are experiencing an intermittent SSL / certificate validation issue with an R2 custom domain, which appears to be related to IPv6 edge handling.
Custom domain: uploads.domain.com (R2 custom domain, proxied)
Symptoms:
IPv4 access works consistently.
Some users intermittently receive ERR_CERT_AUTHORITY_INVALID in browsers.
The issue only affects certain networks / clients.
Diagnostics:
curl -4 uploads.domain.com → works
curl -6 uploads.domain.com → fails with:
“The requested name is valid, but no data of the requested type was found”
openssl s_client -6 also fails to resolve/connect.
Additional info:
Edge certificates are Active.
Universal SSL is enabled.
DNS is proxied via Cloudflare.
No AAAA record is configured.
IPv6 cannot be disabled at the zone level.
This looks like an IPv6 edge / DNS / certificate propagation issue specific to R2 custom domains.
Has anyone seen similar behavior, or can someone from the R2 team take a look at IPv6 handling for this setup?
Custom domain: uploads.domain.com (R2 custom domain, proxied)
Symptoms:
IPv4 access works consistently.
Some users intermittently receive ERR_CERT_AUTHORITY_INVALID in browsers.
The issue only affects certain networks / clients.
Diagnostics:
curl -4 uploads.domain.com → works
curl -6 uploads.domain.com → fails with:
“The requested name is valid, but no data of the requested type was found”
openssl s_client -6 also fails to resolve/connect.
Additional info:
Edge certificates are Active.
Universal SSL is enabled.
DNS is proxied via Cloudflare.
No AAAA record is configured.
IPv6 cannot be disabled at the zone level.
This looks like an IPv6 edge / DNS / certificate propagation issue specific to R2 custom domains.
Has anyone seen similar behavior, or can someone from the R2 team take a look at IPv6 handling for this setup?
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
