🐛 tunnel is not handling subdomain properly

[eximius313]

Describe the bug When I create my tunnel, then:

• foo.mydomain.com is working fine (I can connect to it)
• foo-bar.mydomain.com is working fine (I can connect to it)
• bar.foo.mydomain.com is not working (tunnel is being shown as "Active" but I can't connect to it)

To Reproduce Steps to reproduce the behavior:

1. cloudflared tunnel route dns -f <UUID> foo.bar.mydomain.com (or use Cloudflare GUI)
2. in .ssh/config

   Host foo.bar.mydomain.com
   ProxyCommand cloudflared access ssh --hostname %h

3. ssh user@foo.bar.mydomain.com

Expected behavior Tunnel works

Environment and versions

• OS: Linux
• Architecture: Arm64
• Version: 2022.6.3

Logs and errors

2022-07-05T20:29:54Z ERR failed to connect to origin error="websocket: bad handshake" originURL=https://foo.bar.mydomain.com
websocket: bad handshake
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

[SayakMukhopadhyay]

I believe this is due to second level subdomains not being supported by the free certificates offered by cloudflare.

[sudarshan-reddy]

@SayakMukhopadhyay is correct.

[eximius313]

So how can I make bar.mydomain.com as "primary domain", so foo.bar.mydomain.com becomes "first level" instead of "second level"?

[ninjadev64]

Oh, god. I've spent 3 hours trying to fix this, and just found this. ughhh