From 24ab0adef50b031766703b9fa40fc71fefd699bb Mon Sep 17 00:00:00 2001 From: Kate Tungusova Date: Fri, 24 Jan 2025 19:13:39 +0000 Subject: [PATCH 1/2] [CF1] public hostname error --- .../get-started/create-remote-tunnel.mdx | 3 ++- .../docs/cloudflare-one/faq/troubleshooting.mdx | 6 ++++++ .../cloudflare-one/tunnel/add-public-hostname.mdx | 10 ++++++---- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx index 290a4e33f4263b3..8930e2c6e8317be 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx @@ -26,6 +26,8 @@ Follow these steps to connect an application through your tunnel. If you are loo +If you add a multi-level subdomain (more than one level of subdomain), you must [order a Advanced Certificate for the hostname](/cloudflare-one/faq/troubleshooting/#i-see-this-site-cant-provide-a-secure-connection). + The application is now publicly available on the Internet. To allow or block specific users, [create an Access application](/cloudflare-one/applications/configure-apps/self-hosted-public-app/). ## 2b. Connect a network @@ -43,4 +45,3 @@ To configure Zero Trust policies and connect as a user, refer to [Connect privat After saving the tunnel, you will be redirected to the **Tunnels** page. Look for your new tunnel to be listed along with its active connector. ![Tunnel appearing in the Tunnels table](~/assets/images/cloudflare-one/connections/connect-apps/tunnel-table.png) - diff --git a/src/content/docs/cloudflare-one/faq/troubleshooting.mdx b/src/content/docs/cloudflare-one/faq/troubleshooting.mdx index 16d9c86888c408d..37c07fdd6e841c3 100644 --- a/src/content/docs/cloudflare-one/faq/troubleshooting.mdx +++ b/src/content/docs/cloudflare-one/faq/troubleshooting.mdx @@ -180,3 +180,9 @@ If you need to unblock port `25`, contact your account team. This issue can occur when communicating with an origin that partially supports HTTP/2. In these scenarios, the connection from Gateway to the website starts using HTTP/2 but requests a downgrade to HTTP/1.1 for some requests. For example, servers such as [Microsoft Internet Information Services (IIS)](https://learn.microsoft.com/iis/get-started/whats-new-in-iis-10/http2-on-iis#when-is-http2-not-supported) do not support authentication over HTTP/2. When errors occur, the website may send back a `RST_STREAM` frame with the error code `HTTP_1_1_REQUIRED`, which indicates that the browser should retry the request over HTTP/1.1. Gateway translates any received upstream `RST_STREAM` frames to a pseudo socket close, so this appears as a `502 Bad Gateway` exception page. The browser will not indicate why it failed. Gateway does not support this downgrade mechanism. When receiving the `HTTP_1_1_REQUIRED` error code, Gateway will not reissue requests over HTTP/1.1. To make the connection from Gateway to the website successfully, you will need to disable HTTP/2 at the origin. + +## I see `This site can't provide a secure connection.` + +If you see an error with the title `This site can't provide a secure connection` and a subtitle of ` uses an unsupported protocol`, you must [order an Advanced Certificate](/ssl/edge-certificates/advanced-certificate-manager/manage-certificates/#create-a-certificate). + +If you added a [multi-level subdomain](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) (more than one level of subdomain), you must order an [Advanced Certificate for the hostname](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) as Cloudflare's Universal certificate will not cover the public hostname by default. diff --git a/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx b/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx index ef82712df33af66..7e0198db04e9548 100644 --- a/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx +++ b/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx @@ -3,10 +3,12 @@ --- -1. In the **Public Hostnames** tab, choose a **Domain** and specify any subdomain or path information. +1. In the **Public Hostnames** tab, select **+ Add a public hostname**. -2. Specify a service, for example `https://localhost:8000`. +2. Enter a subdomain and select a _Domain_ from the dropdown menu. Specify any subdomain or path information. -3. Under **Additional application settings**, specify any [parameters](/cloudflare-one/connections/connect-networks/configure-tunnels/origin-configuration/) you would like to add to your tunnel configuration. +3. Specify a service, for example `https://localhost:8000`. -4. Select **Save tunnel**. +4. Under **Additional application settings**, specify any [parameters](/cloudflare-one/connections/connect-networks/configure-tunnels/origin-configuration/) you would like to add to your tunnel configuration. + +5. Select **Save hostname**. \ No newline at end of file From 0e6851e4fd74c838278e3fae3f3571d3e2f5d08b Mon Sep 17 00:00:00 2001 From: Kate Tungusova <70746074+deadlypants1973@users.noreply.github.com> Date: Mon, 27 Jan 2025 11:20:05 +0000 Subject: [PATCH 2/2] Apply suggestions from code review pcx edits Co-authored-by: Patricia Santa Ana <103445940+patriciasantaana@users.noreply.github.com> Co-authored-by: ranbel <101146722+ranbel@users.noreply.github.com> --- .../connect-networks/get-started/create-remote-tunnel.mdx | 2 +- src/content/docs/cloudflare-one/faq/troubleshooting.mdx | 2 +- .../partials/cloudflare-one/tunnel/add-public-hostname.mdx | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx index 8930e2c6e8317be..e3f91cbe5ff87ae 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel.mdx @@ -26,7 +26,7 @@ Follow these steps to connect an application through your tunnel. If you are loo -If you add a multi-level subdomain (more than one level of subdomain), you must [order a Advanced Certificate for the hostname](/cloudflare-one/faq/troubleshooting/#i-see-this-site-cant-provide-a-secure-connection). +If you add a multi-level subdomain (more than one level of subdomain), you must [order an Advanced Certificate for the hostname](/cloudflare-one/faq/troubleshooting/#i-see-this-site-cant-provide-a-secure-connection). The application is now publicly available on the Internet. To allow or block specific users, [create an Access application](/cloudflare-one/applications/configure-apps/self-hosted-public-app/). diff --git a/src/content/docs/cloudflare-one/faq/troubleshooting.mdx b/src/content/docs/cloudflare-one/faq/troubleshooting.mdx index 37c07fdd6e841c3..7a5dad59db6e3f0 100644 --- a/src/content/docs/cloudflare-one/faq/troubleshooting.mdx +++ b/src/content/docs/cloudflare-one/faq/troubleshooting.mdx @@ -185,4 +185,4 @@ Gateway does not support this downgrade mechanism. When receiving the `HTTP_1_1_ If you see an error with the title `This site can't provide a secure connection` and a subtitle of ` uses an unsupported protocol`, you must [order an Advanced Certificate](/ssl/edge-certificates/advanced-certificate-manager/manage-certificates/#create-a-certificate). -If you added a [multi-level subdomain](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) (more than one level of subdomain), you must order an [Advanced Certificate for the hostname](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) as Cloudflare's Universal certificate will not cover the public hostname by default. +If you added a [multi-level subdomain](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) (more than one level of subdomain), you must [order an Advanced Certificate for the hostname](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/#2a-connect-an-application) as Cloudflare's Universal certificate will not cover the public hostname by default. diff --git a/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx b/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx index 7e0198db04e9548..a06546576bf4e31 100644 --- a/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx +++ b/src/content/partials/cloudflare-one/tunnel/add-public-hostname.mdx @@ -3,9 +3,9 @@ --- -1. In the **Public Hostnames** tab, select **+ Add a public hostname**. +1. In the **Public Hostnames** tab, select **Add a public hostname**. -2. Enter a subdomain and select a _Domain_ from the dropdown menu. Specify any subdomain or path information. +2. Enter a subdomain and select a **Domain** from the dropdown menu. Specify any subdomain or path information. 3. Specify a service, for example `https://localhost:8000`.