GAE Managed SSL is NOT working with Cloudflare (CDN).
I have tried Managed SSL and it works out of the box except for the domains that are proxied via cloudflare's CDN.
To be more specific, the DNS provider for my domain (
example.com) is Cloudflare and my DNS configuration is as follows:
The difference in this two DNS configuration is that when you ping
api.example.com, it returns a Google(GAE) IP address while pinging
www.example.com returns a Cloudflare IP address, simply because
www.example.com passes through the cloudflare's CDN first.
So, when I enabled GAE managed SSL on these two domains,
api.example.com worked, but
www.example.com never worked - it just keeps waiting endlessly for activation.
The reason why one works and the other failed is very clear to me.
As for
api.example.com, it worked because google's backend was able to verify its SSL certificate after deployment, since the
api.example.com points to GAE's A/AAAA DNS record. On the other hand,
www.example.com failed, simply because it is proxied via Cloudflare's CDN, which means that
www.example.com points to Cloudflare's A/AAAA DNS record, which would ofcourse stand in the way of google from verifying the deployed SSL certificate.
I quite understand the cause of this problem, but am writing this as a feedback to google engineers, since GAE Managed SSL is still in BETA. Maybe they can find something to do about it, considering the fact that a lot of websites use Cloudflare DNS and infact, most sites that use Cloudflare DNS, use it majorly because of their CDN proxying.