We are planning to move our API endpoints to be protected by Cloudflare. All endpoints are accessible using HTTPS using SSL certificates provided by Cloudflare. All applications which will access API should be able to validate these SSL certificates.
Our questions are following:
- Which CA should be added to the application keystore in order to validate any SSL certificates provided by Cloudflare?
- Is there any documentations about Cloudflare SSL provided certificates?