I already have SSL certificate

I already have SSL certificate running on my site and don’t want to use the Cloudflare SSL…In that case what is the ideal settings for SSL

Business plan will let you use your own SSL certificate. Otherwise, Cloudflare will provide SSL for your proxy server.
https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options

Dear sdayman

Now I am confused. Does that mean to use the free plan I have to use Cloudflare SSL? When I have installed the Cloudflare…my site was loading fine with won server SSL

Cloudflare is a Reverse Proxy service. Your server has your SSL certificate on it. Visitors have to go through a Cloudflare server to get to your site. The Cloudflare server has an SSL certificate for your site on it.

So, yes, Free and Pro plans have to use a Cloudflare certificate on the Cloudflare server in order to communicate securely with your site.

1 Like

If you have :orange: your hostnames, then users will terminate on the Cloudflare Universal SSL certificate, not the cert you bought. If you want to (and you should) have Cloudflare connect to your origin server over SSL, then go to the Crypo tab on the Dashboard, and set SSL mode to “Full” or “Full (Strict)”.

For Strict to work correctly all your :orange: hostnames need to have a valid SSL certificate. If the cert is not valid, then SSL mode set to “Full” is what you need.

If you are getting into a redirect loop it is likely that SSL mode is “Flexible”, and your origin server is seeing only HTTP requests. Setting to Full or Full (Strict) should resolve those issues.

On Business and Enterprise plans you can upload your own cert, but generally the Cloudflare certs are easier for you to manage.

Reply with a hostname if you are still having issues, and somebody on the Community will have a look.

  1. I want to keep my Adsense account with my site, however, I found some article saying LazyLoad option effects Adsense earnings. In that case please suggest me the proper settings.
  2. I am using the Bluehost SSL certificate running on my site. So, I don’t want to use SSL from Cloudflare, I only want to take the benefit of CDN from Cloudflare. what are the proper settings for SSL? Like
    SSL —- Full or other option?

Always Use HTTPS —-on or off?
Authenticated Origin Pulls—on or off?
Minimum TLS Version
Onion Routing —ON or OFF?
TLS 1.3
Automatic HTTPS Rewrites–ON or OFF?

  1. If I use other CDN as you suggested the MaxCDN, Then do I need the Cloudflare?

This is not possible unless you are on the Business Plan here and upload a custom certificate.

Because Cloudflare proxies the connection to your site, the visitor comes to Cloudflare, not directly to your server. Hence, for your site to be secure, you need 2 certificates. One on Cloudflare and one on your server. You set the SSL mode to Full strict and the connection if encrypted at both stages, visitor → Cloudflare and Cloudflare → Origin

The site visitor sees the Cloudflare certificate though.

On the business an, you can upload a custom certificate so your visitors don’t see the Cloudflare one.

What is the issue with the Cloudflare certificate?

2 Likes

I have no problem of using SSL certificate from Cloudflare. In that case do I need to uninstall SSL which is already running on my server?

No, you need the certificate on your server as we and to set the SSL mode to Full (strict).

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.