I created Origin Certificate and Private key in SSL → Origin Server. My server uses Apache + Nginx, and I need CA Bundle in addition to the Origin Certificate and Private key I got. Where can I get Cloudflare Root Certificate to create CA bundle?
I downloaded the root certificate and the origin certificate. I believe that domain.crtca consists of root certificate and intermidiate certificate(s). I created domain.crtca like this: Cloudflare origin certificate above and Cloudflare root certificate below. Still Cloudflare states that this SSL cerificate is not valid (526). Where can I check the cerificate itself? Am I dowing wrong?
The Origin Cert is only trusted by Cloudflare. If you are only accessing the origin through Cloudflare, or directly by IP address on local network, this may solve your problem. However, if you’re using an internal DNS resolver, an Origin Cert will throw an insecure certificate warning.
In this case, you may want to consider using something like Certbot to get a Let’s Encrypt certificate. It will still work with Cloudflare, and it will provide secure connections for LAN access.
Please let me know if you have any questions or require further assistance!
root + intermediate + ssl = ca bundle for my Nginx server.
I created 15 years origin ssl certificate (and private key) in the Origin Server section of my free CF account.
Also I got the root (Origin RSA PEM) CF certificate here.
I read that I need the CF intermediate certificate to create the CA Bundle for my server to connect with the Cloudflare server. Somebody told me that there is an intermediate CF certificate here - I found the 48K lines int-bundle.crt file there. I have doubts that this is the proper intermediate CF certificate.
Please, advise. Is there a chance that you will make this process easier in the future, guys?!
You do not need to write it again and again that Cloudflare’s certificate works only for Cloudflare ↔ my server connection.
Just tested - the Cloudflare ssl + key works fine. No need for root or intemediate. Seams that I was misled by the lack of information.
Regarding Let’sEncrypt - it is only for 3 months and I receive it manually - tired from that. (Yes, I know about some scripts).
How do I check the validity period ot this Cloudflare Origin Server certificate in browser of via ssh client? I set 15 years when I was getting it on Cloudflare. Just want to check if the happiness is finally here.