I own a paid SSL so what to do with cloudflare free SSL

Hello

I have a paid SSL certificate already running on my site ( purchased ) , So should i turn off the SSL option inside Cloudflare crypto page ?

If you use Cloudflare for more than DNS, you will only be able to use the free SSL or Dedicated SSL purchased through Cloudflare. If you want to use a custom certificate, you will need either the Business or Enterprise plans in order to upload your own certificate to Cloudflare.

https://support.cloudflare.com/hc/en-us/articles/200170466-How-do-I-upload-a-custom-SSL-certificate-Business-or-Enterprise-only-

While Cloudflare’s Universal SSL certificate secures connections between Cloudflare and your users, you still need a certificate on your origin server to secure connections between it and Cloudflare. For that purpose, you can use a certificate from a publicly trusted CA, like your existing paid certificate, or the free Cloudflare Origin CA.

You might as well keep using the paid certificate for that purpose (at least until it expires) even though users won’t see it.

https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-

1 Like

Thank you for the reply

But am bit confused , my site is www.stoneboutique.com.br and i already purchased a SSL certificate from comodo , but after i connected cloud flare i think my site went offline , should i put the SSL on cloud flare on flexibale or should i turn it off ? on gtmatrix now am getting this error :

Analysis Error

An error occurred fetching the page: HTTPS error: SSL connect attempt failed error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

There may be a connectivity issue between your server and the GTmetrix test server. Please login to try testing from another test location or try again later.

I have the identical problem, except i have a Lets Encrypt cert

If your site is working correctly in HTTPS without Cloudflare, then set SSL to “Full(Strict)”.

it made no differenc setting it to full strict mode. unless I need to wait. to be clear, my site works fine in Cloudflare. the error only appears when trying to do a speed test with gtmetrix or similar.

What’s the domain?

i had a 100% working lets encrypt cert on my site knarfel.com and then configured for Cloudflare and it works fine visited from any browser or device. the above error only occurs when testing in gtmetrix, ipingdom, etc

since changing to full strict, the error message has changed to An error occurred fetching the page: write failed: Bad file descriptor

the only Cloudflare config implemented was the Cloudflare dns server setup. Have I missed any steps?

That domain isn’t working for me in Firefox or Chrome. Does TLS look like it’s set up in the Crypto page? There’s usually a Universal SSL Active type message in the SSL settings box.

TLS is set to 1.0

it now says authorizing certificate, but i think it said active before following your instructions to set it to full strict from full.

do you have any idea what’s happening?

Can i use Cloudflare with an already lets encrypted web site???

its weird that my domain is not working for you, i see it fine?!

Flexible/Full/Strict don’t change SSL Status. All three use the same Universal SSL certificate.

For now, use the DNS page to change your website entries to :grey: while the certificate activates.

You probably have something at your end that’s either cached DNS, or otherwise going straight to the origin server and seeing the Let’s Encrypt certificate. See if you can inspect the certificate in your browser to see if it’s using Let’s Encrypt, or one of the Cloudflare/Comodo ones.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.