Api system with HTTPS: what/how should I configure?

Hi all,
I’ve some questions since I played around with the tools but I can’t get my head around them.

Briefly: we have a system that serves API mostly, we have few webpages. We have HTTPS certificates on our website (lets encrypt) I’ve set up the DNS to be NON-PROXIED.

Now:

  • the nice Cloudflare tools, such as firewall, analytics, etc, works only if I PROXY the DNS? It seems the case but from the Interface and docs, I did not find any help on this.
  • if I proxy the DNS, should I set up the SSL/TLS page in some sort? if so what? since I’ve https, do I need that part? or is it only for whoever does not have HTTPS on the server? will let’s encrypt certificate works? or since they are from authorized CA the only way to make them work is via Enterprise plan?
  • since we have few webpages, such as the website, or where we place the static, should I proxy that DNS record and or do anything on that side?
  • are there documentation or use cases that shows how cloudflare can help with that?
  1. Yes, Cloudflare features only work when the hostname is set to :orange:
  2. It sounds like you already have TLS on the server, so you just need to make sure TLS at Cloudflare is set to Full (Strict) and enable “Always Use HTTPS”. Auto HTTPS Rewrites may be handy as well.
  3. If your pages work now, they’ll most likely work with Cloudflare set to :orange:.

But to set to strict do I need a Enterprise account?

Is this all HTTP/S traffic? If so, then you shouldn’t need Enterprise. Business/Enterprise lets you upload your own certificate, but it shouldn’t come to that. Cloudflare already provides a certificate.

Ok, I found the problem. I’ve subdomains such as website.test.MYDOMIN.COM and that does not work.
it would be better if the UI tells you that rather than allowing one to enable it but blocking all the traffic afterwards.

You can use a sub-subdomain, but you’d need a custom certificate.

This topic was automatically closed after 31 days. New replies are no longer allowed.