Do I need to enable https in NGINX along with SSL support on cloudflare?

ssl

#1

SSL noob here with some questions. I run a NGINX webserver with http://example.com/, http://pma.example.com/, ect a few subdomains. From my understanding cloudflare free supports SSL over just the http://example.com/ part without the subdomain, and to have a subdomain protected I need to either upgrade, or use my own certificate then disable cloudflare for that subdomain. Sounds OK to me.

Now, I read somewhere that Ryan posted about having SSL between the origin server and the cloudflare server. It would be great if someone could explain this, but the first question is.

Do I need to enable https support in nginx with cloudflare ssl enabled on http://example.com/?

Is NGINX with SSL enabled the part that takes care of the SSL connection between the origin server and the cloudflare server?

Hoping my question makes sense. Thanks


#2

Cloudflare’s free SSL also supports subdomains, such as “www” and “pma,” and so on.

I would definitely enable SSL on your NGINX server. It will complete the secure path from your server to your visitors by using Cloudflare’s Full SSL mode.


#3

Thanks for the reply. That helps.

This means I need my own SSL certificate (lets encrypt) for NGINX, and then have the cloudflare one enabled correct?


#4

Yes. You need both for Full SSL.