SOLVED: Cannot Create _TLS SRV Record in CloudFlare

If you use CloudFlare for DNS and you need to create a SRV record using the TLS protocol you will find that their interface does not support it.  The GUI only shows _TCP and _UDP in the protocol drop down.  Fortunately there is an easy way around this problem.

You can easily import a Zone file into CloudFlare and that will accept _TLS.

If you are working with Office 365’s DNS setup you can simply export the DNS Zone that they want you to add:

  1. Export a Zone File from Office 365 Admin PortalSurf to and sign in with administrators account
  2. Click SETUP
  3. On the GET YOUR CUSTOM DOMAIN SETUP click VIEW (even if it has a green check mark and shows Completed)
  4. Click MANAGE
  5. Click on the domain name you are having problems with
  6. Click the EXPORT OPTIONS drop down and select ZONE FILE
  7. Then you can open the .zone file with a text editor (like Notepad++ or Notepad) and strip out everything but the lines that are not already added
    1. You don’t have to strip out the dups but if you leave them in CloudFlare will give you errors when you attempt the import

Alternately, you can just create your own zone file using a text editor (like Notepad++ or Notepad).  Copy and paste the following entry below into your text editor and adjust the domain.  This is the entry we needed for our new domain : 3600 IN SRV 100 1 443

cloudflare import dns zone _tlsThen perform the import by:

  1. Surf the and sign in
  2. Select the domain you care about
  3. Click DNS
  4. Click ADVANCED
  5. Drag your zone file into the box
  6. Bingo

Questions or Comments?