While that works it's not completely secure, only Full SSL (strict) or Full SSL (origin ca)* is, not plain Full SSL. In Full SSL mode Cloudflare doesn't verify the common name on the certificate served by AppEngine which is why it works as you described. If I enable Full SSL (strict) using the setup you described it fails because the certificate AppEngine is serving is for example.appspot.com and not example.com.
What I had hoped to do was enable managed security on AppEngine so that AppEngine served a certificate with the correct common name. But it seems like AppEngine does DNS checks before allowing the certificate to work. Is there anyway to make this work? Leigh * Note: Full SSL (origin ca) is also not supported by AppEngine, because AppEngine doesn't allow the use of certificates that have been signed by a CA that isn't a trusted CA. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/aef479df-e23a-42c8-b9a1-9e4a6326de8d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
