Cloudflare Docs
Cloudflare for Platforms
Cloudflare Docs
Cloudflare for Platforms
GitHub icon
Edit this page on GitHub
Set theme to dark (⇧+D)
  1. Products
  2. Cloudflare for Platforms
  3. ...
  4. ...
  5. Provider guides
  6. Salesforce Commerce Cloud

Salesforce Commerce Cloud (SFCC)

Cloudflare partners with Salesforce Commerce Cloud to provide Salesforce Commerce Cloud customers’ websites with Cloudflare’s performance and security benefits.

If you use Salesforce Commerce Cloud and also have a Cloudflare Enterprise plan, you can use your own Cloudflare Zone to proxy web traffic to your Zone first, then Salesforce Commerce Cloud’s (the SaaS Provider) Zone second. This configuration option is called Orange-to-Orange (O2O).

​​ Benefits

O2O’s benefits include applying your own Cloudflare Zone’s services and settings - such as WAF, Bot Management, Waiting Room, and more - on the traffic destined for your Salesforce Commerce Cloud environment.

​​ How it works

For additional detail about how traffic routes when O2O is enabled, refer to How O2O works.

​​ Enable

You can only enable O2O on the Cloudflare Enterprise plan.

To enable O2O for a specific hostname within a Cloudflare Zone, create a Proxied CNAME DNS record with a target of the CNAME provided by SFCC Business Manager, which is the dashboard used by SFCC customers to configure their storefront environment.

The CNAME provided by SFCC Business Manager will resemble commcloud.prod-abcd-example-com.cc-ecdn.net and contains 3 distinct parts. For each hostname routing traffic through SFCC, be sure to update each part of the example CNAME to match your configuration:

  1. Environment: prod should be changed to prod or dev or stg.
  2. Realm: abcd should be changed to the Realm ID assigned to you by SFCC.
  3. Domain Name: example-com should be changed to match your domain name in a hyphenated format.
TypeNameTargetProxy status
CNAME<YOUR_HOSTNAME>commcloud.prod-abcd-example-com.cc-ecdn.netProxied

​​ Product compatibility

When a hostname within your Cloudflare Zone has O2O enabled, you assume additional responsibility for the traffic on that hostname because you can now configure various Cloudflare products to affect that traffic. Some of the Cloudflare products compatible with O2O are:

For a full list of compatible products and potential limitations, refer to Product compatibility.

​​ Additional support

If you are a Salesforce Commerce Cloud customer and have set up your own Cloudflare Zone with O2O enabled on specific hostnames, contact your Cloudflare Account Team or Cloudflare Support for help resolving issues in your own Zone.

Cloudflare will turn to Salesforce Commerce Cloud if there are technical issues that Cloudflare cannot resolve.

​​ Resolving SSL errors using Cloudflare Managed Certificates

If you encounter SSL errors when attempting to activate a Cloudflare Managed Certificate, verify if you have a CAA record on your domain name with command dig +short example.com CAA.

If you do have a CAA record, verify that it permits SSL certificates to be issued by the certificate authorities supported by Cloudflare.