Skip to content

Document wildcard TLS certificate requirement for sandbox preview URLs#28315

Merged
ghostwriternr merged 1 commit intoproductionfrom
sandbox/preview-url-tls-docs
Feb 13, 2026
Merged

Document wildcard TLS certificate requirement for sandbox preview URLs#28315
ghostwriternr merged 1 commit intoproductionfrom
sandbox/preview-url-tls-docs

Conversation

@ghostwriternr
Copy link
Member

Workers deployed on a subdomain (e.g., sandbox.yourdomain.com) produce second-level wildcard preview URLs (*.sandbox.yourdomain.com) that Universal SSL doesn't cover. This causes TLS handshake failures with no actionable guidance in the docs — the troubleshooting section just said "wait a few minutes."

Adds a caution callout to the production deployment guide with three options (apex domain, ACM, or a free Let's Encrypt cert), and fixes the preview URLs concept page which implied TLS is always automatic.

Universal SSL only covers first-level wildcards. Workers deployed
on subdomains produce second-level wildcard preview URLs that need
either ACM, a custom certificate, or deploying on the apex domain.
@github-actions
Copy link
Contributor

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/sandbox/ @whoiskatrin, @ghostwriternr, @cloudflare/pcx-technical-writing, @cloudflare/ai-agents

@ghostwriternr ghostwriternr enabled auto-merge (squash) February 13, 2026 11:23
@ghostwriternr ghostwriternr merged commit c9a041c into production Feb 13, 2026
12 checks passed
@ghostwriternr ghostwriternr deleted the sandbox/preview-url-tls-docs branch February 13, 2026 11:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants