Unless CF provides some way of rewriting the Host: header, it won't work because ultimately Google will reject the naked domain request. A long time ago CF actually provided this ability, but then they removed it for reasons I do not understand. You can always ask to bring it back.
We use CF for SSL (see http://blorn.com/post/20185054195/ssl-for-your-domain-on-google-app-engine), but we wouldn't try this trick with naked domains even if it worked - you'd be permanently dependent on CF. I like being able to yank them out of the pipeline if necessary. Jeff On Thu, Apr 10, 2014 at 2:44 PM, PK <[email protected]> wrote: > I have read in this list that others have gotten this to work. However, I > have not pursued it because the state of the art of this integration means > that traffic from CloudFlare Data Center(s) to Google Data Center(s) will be > unencrypted and this does not pass my end to end security standards. > > PK > http://www.gae123.com > > On April 10, 2014 at 12:31:53 PM, Dan ([email protected]) wrote: > > Thanks for the info. Interesting that naked domains may work with > CloudFlare's Flexible SSL option. > > Can anyone confirm this? I don't want to spend $20 for their pro plan just > to find out it does not work. CloudFlare's support has not been that great. > The support guy still thinks it should all just work even without SSL turned > on and advised me to 'check my settings on GAE'... > > On Thursday, April 10, 2014 7:30:53 PM UTC+1, barryhunter wrote: >> >> >> >>> >>> I have set up the entry as so 'myapp.appspot.com CNAME mydomain.com' but >>> with no success. >> >> >> That doesnt work on its own, because CloudFlare's proxy will send the HTTP >> Host header, still set to mydomain.com back to the origin (AppEngine) - in >> that situation, AppEngine has no way of knowing what appid, is meant to >> serve the domain. >> >> >> >> >>> >>> >>> If you have made naked domains work with GAE, how did you do it? >> >> >> You need a proxy, capable of rewriting the http host header. There are >> commerical services that offer this. >> >> I've done it previously using Varnish on a small VPS. quite easy to setup >> if have some basic linux knowledge. >> >> >> And I do know edgecast CDN does offer http header rewriting, but not tried >> it with AppEngine. >> >> >> People using CloudFlare with AppEngine, I think is using the SSL option, >> where the Flexible SSL option may well offer host header rewriting (because >> it reterminates SSL) - so using the SSL option, even if you dont strictly >> need SSL, might work. >> >> > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/google-appengine. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/google-appengine. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/d/optout.
