Flexible SSL

sebastiankolind · 2018-04-24 09:31:40 UTC

Hello there

I’ve just started using Cloudflare for a clients website: Nunoo.dk, and was looking for a way to use Cloudflare’s SSL feature. I can’t install SSL certificate on the server, and therefore picked the flexible option.

Maybe I don’t understand the feature, but I was hoping that as soon as the website was accepted and running with Cloudflare DNS it was secure and running https:// but that might not be the case?

The solution running on the domain is a nodejs + Nuxt solution, and I’ve created everything non-SSL, and tried to add SSL but everything crashes then. One of the authors of Nuxt.js wrote on a similair issue that I should try and use Cloudflare, since this could “auto” the process. Sounds a bit to much like magic to me, but maybe this is how it’s working?

Please let me now, if I’m doing something wrong, or if I should do something else?

matteo · 2018-04-24 09:48:02 UTC

Hello Sebastian,

I believe you are missing only the HTTPS redirect (there is a switch in the Crypto tab). Remember that the Flexible SSL is not actually totally secure, you should add SSL on the server as well (CF provides free Origin certificates).

Pure Node or Node+Express?

sebastiankolind · 2018-04-24 09:52:17 UTC

Hey matteo

Thank you for your fast reply.

OK - actually I was afraid to turn that on, if it would make redirect loops or something like that. But I can do that?

It’s Node+Express, and that seems to deal a lot of issues to me. Also I’m using Cockpit as a headless cms and that is on a non-ssl server, which also made a lot of cross-origin issues. Can CF handle this too?

matteo · 2018-04-24 10:02:19 UTC

Well it should redirect all HTTP requests to HTTPS, but since you are running Flexible SSL it wouldn’t create problems to your origin since those requests are still HTTP.

Never used Cockpit, but if that is on a subdomain (proxied, so orange cloud) it would cover it as well.

Tried following a guide, for example this?

sebastiankolind · 2018-04-24 19:00:38 UTC

It’s working now, thank you so much!

I needed a seperate SSL certificate on the Cockpit URL since that’s on another origin.

I’ll take a look at the link you sent with SSL certificate on Node.js with Express.

system · 2018-05-08 09:31:41 UTC

This topic was automatically closed after 14 days. New replies are no longer allowed.