tldr; I use Cloudflare for DNS and after setting up a wildcard custom domain in Render I’ve had constant SSL issues - after removing the wildcard custom domain the site no longer works:
$ curl -i https://api.domain.com/health
curl: (35) error:14004458:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 unrecognized name
non-tldr
We use Cloudflare for DNS/proxy for all of our applications. At domain we were running a Shopify shop, at foo.domain we had a React app and api.domain was the API (hosted on Heroku) for that React app. I needed to introduce another application that caught all other subdomains and redirected them based on some business rules - Cloudflare only offers this service on their enterprise plan and after seeing Render offered this with SSL I wanted to try it out.
I set up the new app on Render, set up the custom wildcard domain (*.domain) and added the suggested entries to Cloudflare. From that point on the Shopify shop stopped working, as well as our API and React app at foo.domain and a few other apps running on subdomains, all complaining about SSL errors. The redirect app was working as expected though.
Given Render was the last change, I removed the custom domain and was greeted with a nastier SSL error:
$ curl -i https://api.domain.com/health
curl: (35) error:14004458:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 unrecognized name
I have now deleted the web service in Render and the problem still persists. It feels like Render is taking precedence over our entries in Cloudflare. I don’t understand how that’s possible but I’m hoping there is something obvious that I’m not aware of.
I’d rather not expose the domains that I’m working on as they’re pre-launch products. My email here is the same as my account on Render.
Thanks in advance for any help.