Hello, I have a .it domain registered on a local Italian registrar and would like to enable Cloudflare One on a specific subdomain - I am not allowed to transfer the domain or change the root NX records.
I did already set up a tunnel to my endpoint, which shows up as "Healthy".
I created a policy to allow specific emails within a fixed list.
In addition to all the above, assisted by AI which was repeating with full confidence that my desired setup was definitely possible on Cloudflare, I did the following with respect to my domain:
- I started manual onboarding of my domain (note: the onboarding is only possible for the root domain);
- I chose to manually enter DNS records;
- On my local Italian registrar, I created NX records for the subdomain, and pointed them to the Cloudflare DNS servers;
- I created a CNAME record on the Cloudflare "DNS Records" page for my domain, pointing the subdomain to the [UUID].cfargotunnel.com FQDN - the tunnel ID seems to be recognized correctly, and the tunnel name is shown in the "Content" column
Now, this setup is not working because I cannot create a self-hosted application with a public hostname, referencing my policy and using one-time pins as login method.
- If I try to use the "default" input method on the GUI (for the self-hosted application), the root domain does not show up in the dropdown, probably because of its invalid state - more on this later;
- If I try to use the "custom" input method, and provide the full FQDN of my subdomain, when I try to save, I get this error:
Error configuring your application: Error: access.api.error.invalid_request: domain does not belong to zone;
Any ideas what to do?
Thanks in advance