Edge certificate and Proxy

Hello, I use the edge certificate function with a universal certificate. I would like to use this certificate on my services (Proxmox - pfSense - Rocket.chat - Dolibarr …). How do I do this? My sites become inaccessible when I use the Cloudflare certificate.

I am afraid your question is not overly clear. How exactly would you like to use it? The proxy certificates are publicly trusted certificates and you shouldn’t have any issue connecting to an address with such a certificate.

If you mean you’d like to configure it on your origin, then you won’t be able to do that as the proxy certificate stays on the proxies. Cloudflare offers Origin certificates for that, but you can actually get any publicly trusted certificate for that as well, e.g. Let’s Encrypt.

I use pfSense. I’ve a message: Invalid Certificate. pfSense uses its own certificate.

Can you post a screenshot of that error?

I assume you’ll have a broken certificate on your server and would need to fix that. Your site needs to be working properly on HTTPS before you add it to Cloudflare.

You might want to pause Cloudflare altogether for now (Overview screen, bottom right), fix any SSL issues, and only unpause once everything is working.

As soon as I activate strict mode, it does not accept the Cloudflare certificate.

Yes, that’s the precise error I referred to. That’s not an error with the Cloudflare certificate.

And yes, you do have a broken certificate on your server and need to fix that. Best to pause for now.

I’ve got a self-signed certificate.

And that’s exactly the issue.

As I already said.

That won’t work.

We are going in circles. You really need to read what I wrote.

I don’t understand. What should I do on pfSense to fix the problem?

For now pause Cloudflare and make sure your site loads fine on HTTPS.

pfSense is in HTTPS but not with Cloudflare :confused:

In that case you will have added that certificate to your browser and hence don’t get a warning.

Bottom line, you can’t use a self-signed certificate.

pfSense apparently does not know the certificate, and I imagine that for security reasons it refuses the connection.

Once more, you need to install a proper and valid certificate on your server.

Plus.
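
An added example, not part of the thread: a shell check an administrator can run against the certificate installed on an origin to see whether it is self-signed, which is the case the replies say strict mode rejects. The hostname `fw.example.test`, the file names and the function names are assumptions made up for the demonstration, which generates its own throwaway certificate with `openssl`.

```shell
#!/bin/sh
# Added example. The hostname fw.example.test and the file names are constructed.

# Create a throwaway self-signed certificate, standing in for the one a
# firewall or appliance web GUI generates for itself.
make_self_signed() {   # $1 = output directory
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=fw.example.test" \
        -keyout "$1/key.pem" -out "$1/cert.pem" >/dev/null 2>&1
}

# Succeeds when subject and issuer are the same name (self-issued).
is_self_issued() {     # $1 = PEM certificate
    subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    [ "$subject" = "$issuer" ]
}

# Succeeds when the certificate chains to the local default trust store.
# The output is parsed so the result does not depend on the exit status.
chains_to_trust_store() {   # $1 = PEM certificate
    openssl verify "$1" 2>&1 | grep -q ': OK$'
}

origin_cert_verdict() {     # $1 = PEM certificate
    if is_self_issued "$1"; then
        echo "self-signed"
    elif chains_to_trust_store "$1"; then
        echo "publicly-trusted"
    else
        # Also the result for a leaf checked without its intermediates,
        # or one issued by a CA that is not in the local trust store.
        echo "untrusted-chain"
    fi
}

demo() {
    dir=$(mktemp -d) || return 1
    make_self_signed "$dir" || { rm -rf "$dir"; return 1; }
    origin_cert_verdict "$dir/cert.pem"
    rm -rf "$dir"
}

demo
```

To check a real origin, pass the PEM file exported from the server to `origin_cert_verdict` instead of the generated one.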