I am using the Cloudflare “Origin Certificate Installation”, which gives me the Origin Certificate and the “Private key”. I then get the “Cloudflare Origin CA” from here: https://support.cloudflare.com/hc/articles/115000479507
I paste the 3 PEM texts into AWS Certificate Manager, and each time, no matter what I try (RSA or ECC), it fails on the Cloudflare Origin CA part.
It is reading the certificate, as it is seeing the correct domain names and the expiry date is correct, but it does not like the Cloudflare Origin CA:
I tried the certificate created by AWS Certificate Manager - that is where you add a CNAME record to your site's DNS?
It just didn't feel the same as installing a certificate onto the server, just a link through DNS?
Also - it was only valid for 1 year, compared to the 15 years of a Cloudflare origin certificate, and I was not sure how to renew the AWS Certificate (or if it auto-renews).