For domain names registered with Cloudflare, do I still need to use the Free SSL certificate I normally use that is provided by my webhost?
I’m just asking for clarification because I am considering moving a minor sandbox site to a budget host, and the package I’m looking at does not seem to include a free Let’s Encrypt SSL.
Then I remembered seeing comments that CF provide free SSL certificates, but I’m here just to clarify and make sure I don’t misunderstand.
Additionally, I’ve been using Cloudflare DNS for years, and I remember that a while ago CF helped solve an issue I had on a site with some content not being delivered over SSL.
So when I solved that issue, was that me unknowingly already using the Free Cloudflare SSL certificate?
So if I understand correctly, if my webhost does not provide me with a SSL Certificate (Let’s Encrypt for example), then it’s impossible to use Cloudflare instead to secure the site over SSL for free.
Many thanks for clarifying that for me @sandro , enjoy the rest of your weekend!
That is correct. Cloudflare cannot and does not secure a site which is not secure per se. Your server needs to have a valid certificate first, hence why it needs to load fine on HTTPS without Cloudflare. That can be any certificate accepted by browsers or also mentioned Origin certificates.