I am changing my hosting from one provider to another provider. SSL certification is issued from cloudflare. My question is when I will change the A record to point domain to new hosting server do I also need to re-issue SSL certificate from cloudflare or the old SSL will work as it is and my website will smoothly work on https:// without reissuance of SSL?
urgent response needed. Thanks
If you are talking about Edge Certificate then you don’t have to re-issue it if you change the value of A record.
Anyway, what SSL encryption mode you are using?
Ok. Yes I have Edge Certificate. So I just change the A record to point my domain to new hosting and SSL will remain work as it is.
it is Flexible
I see, but not a good practice. Flexible still does not ensure full encryption for your traffic because communication between Cloudflare and your server is in HTTP only.
Consider installing Cloudflare Origin Certificate in your server and set SSL mode to Full (strict). It’s free.
Ok. Thanks for your suggestion. I will do that. But first I want to switch my hosting to new provider. and than I will change the SSL to origin server. By the way what is origin server means here? Do I also need something to do on my hosting end?
If you want full encryption (not using Flexible mode), yes you need to install another SSL certificate on your hosting side. Just generate one from Cloudflare (the screenshot that I showed you earlier) and install it on your hosting side.
Thank you so much. I appreciate your help.
so what my action items:
change A record of new hosting. website will still be working without problem. no need to reissue SSL.
generate origin server certificate. and install it at hosting.
And also number 3:
- after installation of origin cert, switch to Full (strict) SSL mode.
Currently I have changed the A record and edit the IP. Result it stopped my website. Do I need to do cache purge?
What error you get? You may try purge the cache.
This page isn’t working
**website.com" redirected you too many times.
Custom Purge or Purge everything?
Is your SSL mode still in Flexible mode? I think redirect loop is not related to cache issue, but you still can try Purge everything.
Yes I did not change the mode yet. I wanted to run my site first with new A record. and than to change SSL origin thing
Can you let us know your website domain? If not we can’t assist you further.
It could be something misconfigured on your server, or your server already supports HTTPS and keep redirecting HTTP traffic to HTTPS traffic.
oh ok Thats amazing you explained it very well. So should I stop SSL at hosting or stop SSL at cloudflare to avoid this loop?
Assume that your hosting side already has SSL certificate, try switch to Full (strict) SSL mode. If you get Error 525 or 526, then switch to Full SSL mode.
For both options Full strict and Full giving this error 525
It seems like your hosting side already has SSL certificate (but invalid SSL certificate).
I guess you can directly proceed to this and solve the issue.