How to enable https support on custom domains 2

I registered a domain: tunnaduong.com. The main domain is used for online CV. The subdomain I want to connect with my Github Pages (duongtunganh.github.io) is blog.tunnaduong.com. I only added 1 CNAME record on CloudFlare but not 4 A records for apex domain. It is: blog.tunnaduong.com is an alias of duongtunganh.github.io. I tried deleting CNAME file on my Github repo and re-adding my custom subdomain but it still says “Unavailable for your site because your domain is not properly configured to support HTTPS”. I have waited for 1 week and it still said like that. What can I do?

Below is the transcript among me and the virtual assistant of Github. It stuck on the What domain would you like to publish your site on? question. I can’t continue.

Transcript:

  • from_agent : Hi, @tunnaduong.
  • from_agent : Are you having trouble loading or publishing your GitHub Pages site on a custom domain? Yes No
  • from_user : Yes
  • from_agent : What domain would you like to publish your site on?

Hello,

Cloudflare acts as an HTTP proxy and as such, when it is configured, Pages will not be able to request a certificate on your behalf. While we do show an error today (we will improve the validation logic in the near future), it should still let you association the custom domain (with a CNAME file or directly in the Pages settings page of your repository).

Please try again to associate the custom domain.

You will not be able to enable the Pages option to enforce HTTPS (we just don’t support that today when Cloudflare is in the middle) but you should be able to configure that on Cloudflare’s side. They do handle your TLS certificate for you, and as you can see on your main domain, they are giving you a wildcard certificate that will work for your blog as well: