*GAE Managed SSL is NOT working with Cloudflare (CDN).* I have tried Managed SSL and it works out of the box except for the domains that are proxied via cloudflare's CDN.
To be more specific, the DNS provider for my domain (example.com) is Cloudflare and my DNS configuration is as follows: www.example.com is setup to proxy via Cloudflare's CDN api.example.com by-passes the Cloudflare's CDN proxy Both www.example.com and api.example.com is setup as a custom domain under my GAE project. The difference in this two DNS configuration is that when you ping api.example.com, it returns a Google(GAE) IP address while pinging www.example.com returns a Cloudflare IP address, simply because www.example.com passes through the cloudflare's CDN first. So, when I enabled GAE managed SSL on these two domains, api.example.com worked, but www.example.com never worked - it just keeps waiting endlessly for activation. The reason why one works and the other failed is very clear to me. As for api.example.com, it worked because google's backend was able to verify its SSL certificate after deployment, since the api.example.com points to GAE's A/AAAA DNS record. On the other hand, www.example.com failed, simply because it is proxied via Cloudflare's CDN, which means that www.example.com points to Cloudflare's A/AAAA DNS record, which would ofcourse stand in the way of google from verifying the deployed SSL certificate. I quite understand the cause of this problem, but am writing this as a feedback to google engineers, since GAE Managed SSL is still in BETA. Maybe they can find something to do about it, considering the fact that a lot of websites use Cloudflare DNS and infact, most sites that use Cloudflare DNS, use it majorly because of their CDN proxying. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/713a8e28-7c4b-4ce1-af90-bf8c30277072%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
