Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

DNS issue with Cloudflare

hi everyone, I am currently testing the free version of Jira Software and it seems very good!

I am thinking to upgrade to the pro version, but I am a bit confused about what is happening with DNS verication.  I have added (as suggested) all the values on my Cloudflare, but only one has been validated. I tried to take a look at the community but I haven't found anything helpful. Is there someone else who faced and solved it?

Any help would be much appreciated!

Thank you in advance,

AngeloScreenshot 2022-08-16 085842.jpg


2 answers

1 accepted

1 vote
Answer accepted
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Aug 17, 2022


The free vs paid site won't make a difference here.  It looks like you are trying to follow the steps in

But I can see that you are missing several expected DNS records here.  For example, when I ran a terminal command to lookup the DNS txt and cname records of your domain, such as

% dig CNAME

; <<>> DiG 9.10.6 <<>> CNAME
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2836
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096

;; AUTHORITY SECTION: 2818 IN SOA 2286121512 10000 2400 604800 3600

^ there are no entries in the ANSWER section which would seem to indicate you don't have the 3 CNAME records we expect to see on your domain.


And for

dig txt

; <<>> DiG 9.10.6 <<>> txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64661
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: Message has 60 extra bytes at end


;; ANSWER SECTION: 300 IN TXT "MS=[redacted]" 300 IN TXT "atlassian-domain-verification=[redacted]" 300 IN TXT "MS=[redacted]" 300 IN TXT "google-site-verification=[redacted]" 300 IN TXT "apple-domain-verification=[redacted]" 300 IN TXT "atlassian-sending-domain-verification=[redacted]"

The last record is correct, and verifies according to your screenshot, but the TTL (time to live) values are extremely low (300).  Our documentation indicates we expect a value of 86400 instead.  The problem can be with low TTL here is that our services would have to invalidate the cache of DNS records within 5 minutes, requiring a new lookup to your DNS server each time.  If that fails for any reason, it can also cause the check to fail.

So to fix this, you will need to copy the values on your screenshot and create the appropriate DNS records on your domain.  Once that is done, it could take a few hours for our services to automatically attempt to check this and verify again.

Hi Andy,

thanks for your reply, I really appreciate it.

I've just noticed the SPF record took a while for validation, and now is fine. CNAMEs are still showing an error, even though I have added them on Cloudflare, am I missing something?


Screenshot 2022-08-17 224930.jpg


Screenshot 2022-08-17 225310.jpg 

Thank you in advance for your precious help,


Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Aug 18, 2022

Thanks for the screenshot.  It looks like the CNAME records are being proxied.  This would explain why they are not being propagated to other DNS servers yet.  I found another guide some users made over in which indicates you need to

Note: For CNAME Records, turn off the proxy status if you’re using Cloudflare.

I suspect you will need to make that change to get this to work.  Right now it looks like the value is 'proxied' but instead should be 'DNS only'.

Try that.

Hi Andy,

I have turned off proxy for CNAMEs , but weirdly after 24 hours nothing is working, even TXTs which were working previously.

Please note I haven't changed TXT as they were working before CNAME change.


Thanks again for your help,

AngeloScreenshot 2022-08-19 102428.jpgScreenshot 2022-08-19 102506.jpg

Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Aug 19, 2022

Please review

It can take up to 72 hours for your domain to verify after the DNS changes take effect.


But again, you need to increase the TTL (Time to live) values of these TXT records.  According to my DNS server, your value is still 500.  But our documented guide states this value should be 86400.  Having such a low value will cause your records to time out prematurely.  Also our system is limited in regards to how often our system will check for new records.  With a very low value like yours, the record has expired before we will look it up again.  That is why the TXT records were working before but stopped now. 

Thanks a lot for your help Andy!!!

it worked!!!!

Angelo SerraScreenshot 2022-08-20 160934.jpg

Like Andy Heinzer likes this

I just wanted to echo Andy's comments about TTL and Proxying related specifically to Cloudflare. Leaving the TTL set to "Auto" is not sufficient and you must increase the TTL.

Andy's comments were very helpful in troubleshooting issues we had with domain verification. After making the changes below, our domain was verified within 5 minutes.

  • Set TTL to "1 day" for all records
  • Disable Proxy and set to "DNS only" for all records
  • Optional: Add a tag to each DNS entry for easier reference in the future



Suggest an answer

Log in or Sign up to answer
Site Admin
AUG Leaders

Atlassian Community Events