Cloudflare Origin CA certificates Question

Hi, I’ve been asked to setup a Cloudflare Origin Certificate on one of our servers, I’ve followed the guide and have done section 1 successfully, section 2 however has me completely stumped. It sends me off to DigiCert which starts to guide me through requesting a certificate and then buying one from them. Is this the correct step? If so what is the point of the p7k file and private key I just made on Cloudflare? I’m getting really confused with this, I assumed it would allow us to just download a certificate and apply it to our server. I’m using IIS 10 if it makes any difference.

Can you show us the link to the guide?


Hey, its this one:

I didn’t see DigiCert mentioned in the documentation. I’m not sure how this documentation sends you to DigiCert website. But if you are following the 4 steps under “Deploy an Origin CA certificate” section, it should be fine.

In section 2 part 2 theres a link for IIS 10 which goes to DigiCert:

I don’t know if this needs to be done or if this section can be skipped?