SOLVED: Cannot Create _TLS SRV Record in CloudFlare

If you use CloudFlare for DNS and you need to create a SRV record using the TLS protocol you will find that their interface does not support it.  The GUI only shows _TCP and _UDP in the protocol drop down.  Fortunately there is an easy way around this problem.

You can easily import a Zone file into CloudFlare and that will accept _TLS.

If you are working with Office 365’s DNS setup you can simply export the DNS Zone that they want you to add:

  1. Export a Zone File from Office 365 Admin PortalSurf to portal.office.com and sign in with administrators account
  2. Click SETUP
  3. On the GET YOUR CUSTOM DOMAIN SETUP click VIEW (even if it has a green check mark and shows Completed)
  4. Click MANAGE
  5. Click on the domain name you are having problems with
  6. Click the EXPORT OPTIONS drop down and select ZONE FILE
  7. Then you can open the .zone file with a text editor (like Notepad++ or Notepad) and strip out everything but the lines that are not already added
    1. You don’t have to strip out the dups but if you leave them in CloudFlare will give you errors when you attempt the import

Alternately, you can just create your own zone file using a text editor (like Notepad++ or Notepad).  Copy and paste the following entry below into your text editor and adjust the domain.  This is the entry we needed for our new domain ElectricCadi.com :

_sip._tls.electriccadi.com. 3600 IN SRV 100 1 443 sipdir.online.lync.com.

cloudflare import dns zone _tlsThen perform the import by:

  1. Surf the CloudFlare.com and sign in
  2. Select the domain you care about
  3. Click DNS
  4. Click ADVANCED
  5. Drag your zone file into the box
  6. Bingo

Leave a Reply