Expose origin certificate to browser when proxying through Cloudflare

Hi,

Is this flow workable with Cloudflare:

  • Proxy through Cloudflare (so that I can use the Cloudflare WAF)
  • Disable Cloudflare SSL but expose my origin SSL to the client

Actually, I am having a problem connecting a device (a cloud printer) to my server. I am having a hard time figuring out why my printer cannot reach the server when the Cloudflare proxy is turned ON, but can reach my server when the Cloudflare proxy is turned OFF (DNS-only mode).

Cloudflare’s proxied features work by the fact that they can decrypt the request (otherwise, the WAF can’t really do anything), and that they can interject and respond without requiring the origin at all (WAF block pages, etc.).
If you wanted Cloudflare to use your origin’s SSL, you would need to either upload the certificate/private key to them (Business or higher), or, if you’re talking about making them unable to MITM the connection/encrypted end to end, Cloudflare wouldn’t be able to decrypt it to send it through the WAF, or respond with their own responses (and this isn’t a feature they offer).

Why do you think the certificate is the issue? Any more information would be helpful.

There was an issue recently with Cloudflare issuing certificates not trusted by old devices:

If you think you were affected, you could disable Universal SSL for a few minutes (you’d lose HTTPS for that duration), re-enable it, and then get issued a fixed certificate.

It could be the WAF itself blocking it as well; you might want to check Security → Events for that hostname and see if it is blocking it.

It could also be ports: if you’re not using the normal 80 (HTTP) / 443 (HTTPS) ports, Cloudflare only supports a limited set of alternatives:

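An added diagnostic, written for this thread rather than taken from it or from Cloudflare, that runs the three checks above from the device's point of view: it handshakes with the proxied hostname and with the origin IP directly (same SNI, as in DNS-only mode), then reports port, certificate-trust and TLS-termination findings. The port set is from Cloudflare's public docs as I recall them, and the hostname and IP are example values; pass the printer's CA bundle as `cafile` to mimic its trust store.

```python
import socket
import ssl

# HTTPS ports Cloudflare proxies, from its public docs as I recall them; the
# thread only says the set is limited, so verify against the current docs.
CF_HTTPS_PORTS = {443, 2053, 2083, 2087, 2096, 8443}

def probe(host, port, connect_to=None, cafile=None, timeout=5.0):
    """Handshake with host:port as a strict client would and report the outcome.
    connect_to dials a raw origin IP but keeps `host` as SNI (DNS-only view);
    cafile is the device's CA bundle, if known, so verification mirrors it."""
    result = {"tcp": False, "tls": False, "verify_error": None, "issuer": None}
    ctx = ssl.create_default_context(cafile=cafile)  # hostname check + chain validation
    try:
        with socket.create_connection((connect_to or host, port), timeout=timeout) as raw:
            result["tcp"] = True
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                result["tls"] = True
                issuer = {k: v for rdn in tls.getpeercert()["issuer"] for k, v in rdn}
                result["issuer"] = issuer.get("commonName")
    except ssl.SSLCertVerificationError as exc:  # chain received but not trusted
        result["verify_error"] = exc.verify_message
    except (OSError, ssl.SSLError) as exc:       # refused, timeout, protocol error
        result["verify_error"] = str(exc)
    return result

def diagnose(proxied, origin, port):
    """Map two probes (via Cloudflare, and straight to the origin) onto the
    three suspects in the thread: ports, certificate trust, WAF/termination."""
    findings = []
    if port not in CF_HTTPS_PORTS:
        findings.append(f"port {port} is not proxied by Cloudflare; use 443 or DNS-only")
    if origin["tcp"] and not proxied["tcp"]:
        findings.append("TCP to the proxied hostname fails while the origin answers")
    if origin["tls"] and proxied["tcp"] and not proxied["tls"]:
        findings.append(f"edge certificate rejected ({proxied['verify_error']}); "
                        "the device's trust store may lack the issuing CA")
    if proxied["tls"] and origin["tls"] and proxied["issuer"] != origin["issuer"]:
        findings.append(f"edge cert from {proxied['issuer']!r}, origin from "
                        f"{origin['issuer']!r}: Cloudflare terminates TLS, so also "
                        "check Security -> Events for WAF blocks on this hostname")
    return findings

if __name__ == "__main__":  # usage: probe.py printer.example.com 203.0.113.10 [port]
    import sys
    host, origin_ip = sys.argv[1], sys.argv[2]  # example hostname/IP, not real ones
    port = int(sys.argv[3]) if len(sys.argv) > 3 else 443
    for line in diagnose(probe(host, port), probe(host, port, connect_to=origin_ip), port):
        print(line)
```

An empty findings list means both paths look the same to a strict client, which points away from certificates and ports and toward the device's own HTTP behaviour or WAF rules.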

I still couldn’t figure out the problem, and for now I have used the DNS-only feature and exposed SSL from my origin server.

When I get some free time I will debug more and will share more info if I get any.

Thanks for the help
