Using an .af TLD with Blot (via Cloudflare)

Published July 13, 2018

I recently found Blot and made the jump. I spent time reading the docs and creating a theme for my blog. David has been very helpful answering questions I’ve encountered through the process.

One such issue I encountered was getting my domain,, setup with Blot. This is a general overview of that issue.

Using Cloudflare

Blot’s docs on using a custom domain specify using an ALIAS DNS record for an apex (e.g. vs domain. An ALIAS record specifically is only available via DNSimple — a paid service. However, Cloudflare supports CNAME flattening which will also work. Having used Cloudflare previously (on their generous free tier) I opted for that route.

After updating the nameservers to point to Cloudflare & adding the domain in Blot it was time to play the game of How Fast Can DNS Propagate™. However, when trying to reach my site I was getting a cryptic SSL error:

Cryptic SSL errorCryptic SSL error

I also noticed that within Cloudflare my Universal SSL Status was marked as Ineligible for SSL which was odd. On a whim, I updated the DNS records as DNS only”, as opposed to the default DNS & CDN (routes traffic through Cloudflare).

Oddly enough, this worked. But why?

The Culprit

I put in a support ticket with Cloudflare to get to the bottom of this issue. Several days later, I got a response:

Universal SSL does not currently support issuing for the .af ccTLD.

This is due to a restriction from Comodo:

Ideally I would’ve liked to see this issue presented more clearly in Cloudflare’s dashboard UI — as opposed to making a support request to get to the bottom.

tl;dr If using an .af TLD on Cloudflare you’ll probably want to set your DNS records as DNS-only (i.e. the grey cloud in the UI).

I love hearing from readers so please feel free to reach out.

Reply via email

Last modified July 9, 2024  #dev   #blot   #dns 

← Newer post  •  Older post →