Install an Origin CA certificate...Apache httpd

While trying to Install an Origin CA certificate at my origin web server which is Apache on Google Cloud Platform.

But the instruction for Apache httpd, which linked to https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install

require

  1. Log in to your DigiCert account and download the intermediate (DigiCertCA.crt) and your primary certificate ( your_domain_name.crt ) files.

But the file got from Cloudflare is mydomain.com.pem , can anyone help me to clarify the confusion…

Thanks

You are talking about different certificates here.

Do you want to configure an Origin certificate or Digicert’s?

If you need the Origin certificate’s root certificate, you will find it at https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates#h_30cc332c-8f6e-42d8-9c59-6c1f06650639

Hi @sandro
Thanks for the quick response.

I had followed the instruction page as you shown,
Step 1. Created an Origin CA certificate, got 2 files…mydomain.com.pem and mydomain.com.key
Step 2. Install an Origin CA certificate at your origin web server, but here is the confusion…

my origin web server which is Apache on Google Cloud Platform (provided via Bitnami), but if i followed the list of links for Apache httpd, seems is not for me.

Nor should be the Origin certificate’s root certificate, since my previous experience with Let’s Encrypt is storing the server.crt / server.key / server-ca.crt in opt/bitnami/apache2/conf

So, is there any instruction can help me in my use case?

Thanks

So an Origin certificate it is. In this case you essentially need to follow the instructions at https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates

The configuration for Google does not seem to be covered at that page, however it will be similar to all other server (you need the certificate and the key and possibly the root certificate). For exact steps on how to configure it you best contact Google or consult their documentation.

Hi @sandro

Will it be any difference if I purchase the Dedicated SSL Certificate ?

Thanks

Dedicated certificates are not for your server but for the proxies.

Hi @sandro

One more question, A green check mark with “Your SSL/TLS encryption mode is Full”, but my site https://johocen.com/ is still showing “not secure”.

Where should I look into…
Thanks