I activated Cloudflare on my site, as I wanted to replace Amazon cloudfront, and so far, have seen good improvement in my site speed. But I have a few questions before I move towards paid plans
- SSL:
I have seen that under " Domain Summary" SSL is live as “Full” and when I clicked on Full I was redirected to Crypto > Manage cryptography settings for your website? SSL > Full
From here I selected Off as I my site is on Namecheap and I have a Comodo SSL/ But when I selected OFF: My site went down. So, I immediately re-selected Full in Crypto > Manage cryptography settings for your website? SSL > Full, and my site was on.
So, my question is that, is my site now on Cloudflare SSL? And what if I want to use my own purchased SSL, what settings I should update?
- Website development issues:
My site is on WordPress CMS and we use Avada WordPress theme on it. I just noticed that my page builder feature just stopped working, and because of that I am not able to create any new pages on my site.
Now I have read that I should de-activate the developer mode from Cache, and yes that worked for me all the page-builder features on my site start working.
But my question is that whenever we have to do some web development work like creating pages, we have to de-activate developer mode from Cache? And when we do that, is the Cloudflare features gets paused?
Regards,
Jatin Chhabra
Director at Santram Holidays Pvt Ltd
@josealves
please check this few Scenario.
- I have domain in godaddy and NS record registered in Cloudflare.
- I am using free universal certificate as of now but i have purchase godaddy SSL and want to integrate this with cloudflare register DNS.
- What are the steps for same & how to integrate also verify same.
- Any additional costing from cloudflare for same scenario, like if i purchase ssl from godaddy and integrate & upload in cloudflare.
please let me know this.
Hi:
# Manage custom certificates
This page lists Cloudflare requirements for custom certificates and explains how to upload and update these certificates using Cloudflare dashboard or API.
## [](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#certificate-requirements) Certificate requirements
Before accepting custom certificates, Cloudflare parses them and checks for validity according to a list of requirements.
Full list of requirements
Each custom certificate you upload must:
* Be encoded in PEM format (PEM, PKCS#7, or PKCS#12). See [Converting Using OpenSSL](https://www.sslshopper.com/article-most-common-openssl-commands.html)
* for conversion examples.
* Not have a [key file password](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/remove-file-key-password/).
* Not be expiring in less than 14 days from time of upload.
* Have a subject alternative name (SAN) matching at least one hostname in the zone where it is being uploaded.
* Use a private key greater than or equal to a minimum length. Currently, 2048 bit for RSA and 225 bit for ECDSA.
* Be publicly trusted by a major browser. This does not apply for certificates that specify `User Defined` as their [bundling methodology](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/bundling-methodologies/).
* Be one of the following certificate types:
* Unified Communications Certificates (UCC)
* Extended Validation (EV)
* Domain Validated (DV)
* Organization Validated (OV)
---
## [](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#upload-a-custom-certificate) Upload a custom certificate
* [Dashboard](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#)
To upload a custom SSL certificate in the dashboard:
1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com)
1. and select your account.
2. Select your application.
3. Go to **SSL/TLS**.
4. In **Edge Certificates**, select **Upload Custom SSL Certificate**.
5. Copy and paste relevant values into **SSL Certificate** and **Private key** text areas (or select **Paste from file**).
If doing this manually, include the `---BEGIN CERTIFICATE---` and `---END CERTIFICATE---` like the placeholder text.
6. Choose the appropriate [**Bundle Method**](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/bundling-methodologies/).
7. Select a value for [**Private Key Restriction**](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/#geo-key-manager-private-key-restriction).
8. Select a value for **Legacy Client Support**, which toggles [Server Name Indication (SNI)](https://developers.cloudflare.com/fundamentals/glossary/#server-name-indication-sni) support:
* **Modern (recommended)**: SNI only
* **Legacy**: Supports non-SNI
9. Select **Upload Custom Certificate**. If you see an error for `The key you provided does not match the certificate`, contact your Certificate Authority to ensure the private key matches the certificate.
10. (optional) [Add a CAA DNS record](https://developers.cloudflare.com/ssl/edge-certificates/caa-records/).
---
## [](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#update-a-custom-certificate) Update a custom certificate
* [Dashboard](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#)
*
To update a certificate in the dashboard:
1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com)
1. and select your account.
2. Select your application.
3. Go to **SSL/TLS**.
4. In **Edge Certificates**, locate a custom certificate.
5. Select the wrench icon and select **Replace SSL certificate and key**.
6. Follow the same steps as [upload a new certificate](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#upload-a-custom-certificate).
To update the **Private Key Restriction** setting of a certificate, delete and re-add the certificate.