While trying to Install an Origin CA certificate at my origin web server which is Apache on Google Cloud Platform.
But the instruction for Apache httpd, which linked to https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install
- Log in to your DigiCert account and download the intermediate (DigiCertCA.crt) and your primary certificate ( your_domain_name.crt ) files.
But the file got from Cloudflare is mydomain.com.pem , can anyone help me to clarify the confusion…
You are talking about different certificates here.
Do you want to configure an Origin certificate or Digicert’s?
If you need the Origin certificate’s root certificate, you will find it at https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates#h_30cc332c-8f6e-42d8-9c59-6c1f06650639
Thanks for the quick response.
I had followed the instruction page as you shown,
Step 1. Created an Origin CA certificate, got 2 files…mydomain.com.pem and mydomain.com.key
Step 2. Install an Origin CA certificate at your origin web server, but here is the confusion…
my origin web server which is Apache on Google Cloud Platform (provided via Bitnami), but if i followed the list of links for Apache httpd, seems is not for me.
Nor should be the Origin certificate’s root certificate, since my previous experience with Let’s Encrypt is storing the server.crt / server.key / server-ca.crt in opt/bitnami/apache2/conf
So, is there any instruction can help me in my use case?
So an Origin certificate it is. In this case you essentially need to follow the instructions at https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates
The configuration for Google does not seem to be covered at that page, however it will be similar to all other server (you need the certificate and the key and possibly the root certificate). For exact steps on how to configure it you best contact Google or consult their documentation.
Will it be any difference if I purchase the Dedicated SSL Certificate ?
Dedicated certificates are not for your server but for the proxies.
One more question, A green check mark with “Your SSL/TLS encryption mode is Full”, but my site https://johocen.com/ is still showing “not secure”.
Where should I look into…
This topic was automatically closed after 30 days. New replies are no longer allowed.