Activate Domain without interruption

I read the whole guide about switching to Cloudflare without interruption (Change your nameservers (Full setup) · Cloudflare DNS docs).

My remaining question is:
When I prepare all DNS entries with “DNS only” so that Cloudflare gets bypassed, what happens if the HTTPS certificates are not issued early enough?
As far as I understand, Cloudflare only issues the General Certificates if the domain gets activated.
So how can I make sure that the certificates are IN PLACE as soon as traffic arrives at Cloudflare?


If you use “DNS only” then requests go direct to your origin so the timing of the Cloudflare edge SSL certificate won’t be a problem.

You can set up a test subdomain that is proxied if you want to check the SSL certificate is working OK before proxying your public site.

1 Like

Thanks. I was not sure if “DNS only” also bypasses the HTTPS requests. So you say it is really passing through the whole traffic? What is then the difference to “Pause Domain” from Cloudflare compared to “DNS only” ?

“DNS only” can be set for individual records. “Pause” will bypass Cloudflare for all records (without changing the individual switches) for debugging or bypassing Cloudflare for everything without having to change nameservers away.

If you just have 1 or 2 DNS records, you can do either. Some people have 100s or 1000s of records, and a mix of proxied and “DNS only” so a global pause is easier there.

1 Like

Thank you!

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.