Do I need to REMOVE my OLD SSL certificate?

Hello

I just added CLOUDFLARE to my website.
I did change the DNS to point to CLOUDFLARE DNS

Do I need to REMOVE my OLD SSL certificate that I have on my server
(it is an EV CERTIFICATE from SECTIGO)
I mean will it be a problem with UNIVERSAL SSL from CLOUDFLARE with my SSL on my server ?

Please let me know

Welcome to the Cloudflare Community. :logodrop:

It will be a problem only if you remove it. You need to keep a valid certificate on your origin site to protect the traffic between that server and Cloudflare. Universal SSL only protects the traffic between Cloudflare and your visitors.

Be sure to replace your origin certificate before it expires. It does not need to be an EV certificate, but it does need to be issued by either a publicly trusted certificate authority or the Cloudflare Origin CA.

Hello
Thanks a lot for your rapid answer.
The problem is when I go to my website I still see SECTIGO SSL, the one on my server.
Shouldn’t I see the CLOUDFLARE SSL ?

Also I don’t see my images beeing delivered by cloudflare.
When I run F12 console network, all my images are delivered by SERVER : APACHE, it should say CLOUDFLARE, why is that ? Is it linked to my SSL problem ?

It could be, but let’s focus on one issue at a time.

No. The certificate will not have any reference to Cloudflare on it if that is what you are asking.

If your hostname is set to :grey: DNS Only, you will see the certificate that your origin uses.

If you can share your domain name, we can review it instead of guessing at what may be wrong.

Hello
Thanks for your help and time.
My website is www.livedeco.com
I still see the SSL SECTIGO from my server, not a Let’s Encrypt or Google SSL from CLOUDFLARE.
No my servers IPs are all PROXIED (not DNS ONLY)
My Edge Certificates are all active (UNIVERSALL and ADVANCED)
I did take the Advanced - Total TLS for 10 usd per month

But in console I cannot see index.html page coming from SERVER : CLOUDFLARE
Is there a way to check URL to see if CLOUDFLARE works on it ?

You may have hardcoded you origin IP somewhere on your workstation or your local network DNS. I see Cloudflare IPs returned when I query your hostname and I am presented a Google Trust Services certificate when I visit.

Hello
Yes I get a Google Trust Services certificate now.
I guess it is now activated and cloudflare connect to my SECTIGO SSL server.
I did not have hardcoded my origin IP server.
How can I know my website is all cached ? for images and all static pages / files ?
Can you check if my files are well cached I cannot see it on Console.
Please let me know how to check it

Best regards

The answers to your cache questions are rather involved and will be better revisited in a new topic after you have some time to read about how the Cloudflare cache works.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.