I tried to enable authenticated origin pulls on one of the domains I manage, by following the steps in this article: https://support.cloudflare.com/hc/en-us/articles/204899617
This domain already uses Full (strict) encryption mode and is working fine.
I downloaded the origin pull CA certificate and configured Apache2 to require client verification and made sure that Authenticated Origin Pulls is set to ‘On’ on the ‘Origin server’ tab under SSL settings in Cloudflare for that domain.
However, as soon as I reload the Apache2 configuration changes, all I see is a 403 error page when trying to access that domain. Are there any additional steps that need to be taken or does it take a few hours for Authenticated Origin Pulls to become active?