I had a frustrating time setting up a second subdomain with Cloudflare.
one virtualhost worked, but the other did not
In particular, I had set up docs.trentsonlinedocs.xyz, and that was working fine. No problem. But then I set up blog.trentsonlinedocs.xyz, with exact same configuration, and Cloudflare wouldn’t validate the connection to the origin server. Cloudflare was resolving the subdomain, but attempting to configure the subdomain as a virtualhost broke everything with a 525 error.
an additional origin ca specifically for the second virtualhost / subdomain
After some frustrating time futzing with the Apache configs, I finally stumbled onto a solution. This fix was to log into the Cloudflare dashboard, create an additional origin ca, and then specify the particular cert and key files in the virtualhost definition, overriding (apparently), the default-ssl.conf.