CloudFlare provides free CDN with full SSL support. It is powerful and userful. But sometimes one can run into problems with it.
When CloudFlare CDN is set to on, CloudFlare will be proxying access to the origin server. The connection between CloudFlare and origin server could be either HTTP or HTTPS. This could be controlled in SSL/TLS tab.
If SSL is set to Flexible, CloudFlare will connect to the origin server via HTTP. Now if origin server is configured to redirect all HTTP access to HTTPS, CloudFlare will insist connecting via HTTP, and after multiple retries this error happens. Under this case, SSL should be set to Full (strict) which prompts CloudFlare to use HTTPS for connection to origin server.
This is caused by Multi-Level Subdomain DNS. CloudFlare free tier provides SSL certificates for
*.example.com. The 4th subdomains will not match any valid certificate due to a limitation in SSL.
To solve this problem, CloudFlare provides (paid) dedicated certificates. But if you stick with the free plan, you can only use 3rd subdomains with CloudFlare CDN.