I don’t know how to create CA Bundle/Intermediate certificate

Hi,
Please contact us to set up the certificate chain.

I hope the Root-Intermediate-Leaf certificate will form a certificate chain.

  1. I downloaded the’Step 4-Add Cloudflare Origin CA root certificates’ certificate below to install the root certificate and installed the certificate on the server.
    Managing Cloudflare Origin CA certificates – Cloudflare Help Center

image
image

  1. Intermediate certificate issuance and installation
    image

I created a PEM file and a key file and added a certificate to the IIS server.

    1. Generate a client certificate

I created a CSR in IIS to generate a client certificate.
And I installed the certificate using the PEM that I uploaded to CloudFlare and received it.
image

However, the certificate does not have a chain and an error is occurring.

I don’t know what setting to do.

Please help.
Due to this, there was a 2-3 week delay in work.
I am lacking in information.
If anyone knows, please answer me.

1 Like

I want to solve this problem.
I need help. please

I see you are using Cloudflare Origin CA Certificate.

That’s exactly the available one.

There is alternative way to use ACM to generate a free issued SSL certificate for your domain and it should work with SSL Full (Strict) mode, just in case.

It should be used only between Cloudflare and your origin host/server, and not for public access. Anyone trying to access your server directly will get an warning.

  • the DNS records should be :orange: cloud at the Cloudflare dashboard

Use Origin CA certificates to encrypt traffic between Cloudflare and your origin web server.

Origin CA certificates only encrypt traffic between Cloudflare and your origin web server and are not trusted by client browsers when directly accessing your origin website outside of Cloudflare. For subdomains that utilize Origin CA certificates, pausing or disabling Cloudflare causes untrusted certificate errors for site visitors.

Furthermore, regarding CA Bundle, I think it is not possible.

Maybe you are missing Cloudflare CA Root certificate?

If so, on the link below (at the bottom of the page) you can find Cloudflare Origin CA root certificate if this is the one needed?:

Or, Cloudflare CA root certificate?
A helpful way how to install it:

Hi,

Thanks for the reply.
The first certificate I showed you was cloudflare_origin.
I think of this as a root certificate.

In my opinion, the domain chain should go like this:

CloudFlare Orgin SSL Certificate Authority (Root)
→ CloudFlare Origin Certificate (Intermediate)
→ My Domain (Leaf)

However, the certificate chain between Intermediate-Leaf is not correct.

(Root - Intermediate)


(Intermediate-Leaf)


The content of the error is
This certificate could not be verified due to insufficient information.
The issuer of this certificate could not be found.

Hi there,

did you manage to get the cert working?

1 Like