Let's encrypt under cloudflare SSL


#1

Hi, on my web site https://capitaltrade.net I have installed Let’s encrypt SSL certificate, but when I assigned cloudflare, now I have cloudflare SSL. Is it safe to remove Let’s encrypt SSL certificate? Or better to leave as is?


#2

The “Cloudflare SSL” is the certificate on Cloudflare’s servers. You still need one on your server. So yes, you need to leave it the way it is right now and make sure your SSL mode is “Full strict”.


#3

What if I will turn off cloudflare for my website. Would it be a problem if i have HSTS turned on?


#4

HSTS is not related to Cloudflare but to HTTPS. Enabling HSTS and then attempting to switch to regular HTTP could be a problem because everyone having visited your site will have their browsers set to HTTPS-only (because of HSTS) which will naturally fail if you disable HTTPS.


#5

I have Let’s Go SSL certificate on my server, so if I’ll turn off cloudflare I’ll still have Let’s Go SSL certificate. Would it be still a problem?


#6

Regarding HSTS? No, as you’d still be reachable via HTTPS.


#7

What should I be aware of when turning off cloudflare?


#8

In which way would you turn it off?


#9
  1. Going to the Overview tab in the Cloudflare dashboard.
  2. At the bottom right of this page there is a link under Advanced Actions .
  3. Click Pause Cloudflare on Site

#10

So you’d basically turn off proxying. Not much in this case, just make sure your server is still reachable under HTTPS (but you already did so) and you should be fine.


#11

Thank you!!!


closed #12

This topic was automatically closed after 31 days. New replies are no longer allowed.