Already have a SSL on my donain, so whould I de-activiate cloudflare SSL?

I activated Cloudflare on my site, as I wanted to replace Amazon cloudfront, and so far, have seen good improvement in my site speed. But I have a few questions before I move towards paid plans

  1. SSL:

I have seen that under " Domain Summary" SSL is live as “Full” and when I clicked on Full I was redirected to Crypto > Manage cryptography settings for your website? SSL > Full

From here I selected Off as I my site is on Namecheap and I have a Comodo SSL/ But when I selected OFF: My site went down. So, I immediately re-selected Full in Crypto > Manage cryptography settings for your website? SSL > Full, and my site was on.

So, my question is that, is my site now on Cloudflare SSL? And what if I want to use my own purchased SSL, what settings I should update?

  1. Website development issues:

My site is on WordPress CMS and we use Avada WordPress theme on it. I just noticed that my page builder feature just stopped working, and because of that I am not able to create any new pages on my site.

Now I have read that I should de-activate the developer mode from Cache, and yes that worked for me all the page-builder features on my site start working.

But my question is that whenever we have to do some web development work like creating pages, we have to de-activate developer mode from Cache? And when we do that, is the Cloudflare features gets paused?

Regards,
Jatin Chhabra
Director at Santram Holidays Pvt Ltd

Hi @santramholidays,

  1. To use your own SSL certificate you can do the following:
  • Log in to your Cloudflare account and navigate to the SSL/TLS tab.
  • Under the “Edge Certificates” section, click the “Order SSL Certificate” button.
  • On the next screen, select “Custom SSL” to upload your own Comodo certificate.
  • Follow the prompts to enter the necessary information, such as the domain name and the SSL certificate and private key files.
  • Once the certificate is uploaded and activated, select it from the dropdown list and save the changes.
  • It may take some time for the certificate changes to propagate across the Cloudflare network. After the changes have taken effect, your website should be using your own SSL certificate instead of Cloudflare’s default certificate.
    2)Website development:
    When the page builder stopped working did you had any error message on the “network” or “console” tabs on your browser developer tools? You could do this, as it will be very helpful to debug the error.
    Deactivating Developer mode from cache activates Cloudflare cache mode and not the other way around, so as a general rule you should have this deactivated.

Hope this helps

@josealves

please check this few Scenario.

  1. I have domain in godaddy and NS record registered in Cloudflare.
  2. I am using free universal certificate as of now but i have purchase godaddy SSL and want to integrate this with cloudflare register DNS.
  3. What are the steps for same & how to integrate also verify same.
  4. Any additional costing from cloudflare for same scenario, like if i purchase ssl from godaddy and integrate & upload in cloudflare.

please let me know this.

Hi:
# Manage custom certificates

This page lists Cloudflare requirements for custom certificates and explains how to upload and update these certificates using Cloudflare dashboard or API.

## [​​](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#certificate-requirements) Certificate requirements

Before accepting custom certificates, Cloudflare parses them and checks for validity according to a list of requirements.

Full list of requirements

Each custom certificate you upload must:

* Be encoded in PEM format (PEM, PKCS#7, or PKCS#12). See [Converting Using OpenSSL](https://www.sslshopper.com/article-most-common-openssl-commands.html)

* for conversion examples.
* Not have a [key file password](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/remove-file-key-password/).
* Not be expiring in less than 14 days from time of upload.
* Have a subject alternative name (SAN) matching at least one hostname in the zone where it is being uploaded.
* Use a private key greater than or equal to a minimum length. Currently, 2048 bit for RSA and 225 bit for ECDSA.
* Be publicly trusted by a major browser. This does not apply for certificates that specify `User Defined` as their [bundling methodology](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/bundling-methodologies/).
* Be one of the following certificate types:
  * Unified Communications Certificates (UCC)
  * Extended Validation (EV)
  * Domain Validated (DV)
  * Organization Validated (OV)

---

## [​​](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#upload-a-custom-certificate) Upload a custom certificate

* [Dashboard](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#)


To upload a custom SSL certificate in the dashboard:

1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com)

1. and select your account.
2. Select your application.
3. Go to **SSL/TLS**.
4. In **Edge Certificates**, select **Upload Custom SSL Certificate**.
5. Copy and paste relevant values into **SSL Certificate** and **Private key** text areas (or select **Paste from file**).

If doing this manually, include the `---BEGIN CERTIFICATE---` and `---END CERTIFICATE---` like the placeholder text.

6. Choose the appropriate [**Bundle Method**](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/bundling-methodologies/).
7. Select a value for [**Private Key Restriction**](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/#geo-key-manager-private-key-restriction).
8. Select a value for **Legacy Client Support**, which toggles [Server Name Indication (SNI)](https://developers.cloudflare.com/fundamentals/glossary/#server-name-indication-sni) support:
  * **Modern (recommended)**: SNI only
  * **Legacy**: Supports non-SNI
9. Select **Upload Custom Certificate**. If you see an error for `The key you provided does not match the certificate`, contact your Certificate Authority to ensure the private key matches the certificate.
10. (optional) [Add a CAA DNS record](https://developers.cloudflare.com/ssl/edge-certificates/caa-records/).

---

## [​​](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#update-a-custom-certificate) Update a custom certificate

* [Dashboard](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#)
*

To update a certificate in the dashboard:

1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com)

1. and select your account.
2. Select your application.
3. Go to **SSL/TLS**.
4. In **Edge Certificates**, locate a custom certificate.
5. Select the wrench icon and select **Replace SSL certificate and key**.
6. Follow the same steps as [upload a new certificate](https://developers.cloudflare.com/ssl/edge-certificates/custom-certificates/uploading/#upload-a-custom-certificate).

To update the **Private Key Restriction** setting of a certificate, delete and re-add the certificate.