We are very confused on exactly how to setup our EV SSL certificate on 2 node app server with CF load balancer. We are also forwarding the DNS to cloudflare.
We have a pro plan recently purchase & also load balancer plan.
How exactly we need to proceed ?
Shall we install the certificate on both the APP server and the load balancer will directly use it ?
Shall we have to configure something from the CF side ? If yes than what ?
To use an external certificate on Cloudflare would require a Business Plan or above to be able to load the certificate onto Cloudflare’s edge. For a load balancer which bypasses Cloudflare yu would install the cert directly ont he origin. If the record is proxied () then it will by default use the free SSL cert Cloudflare issued. TO bring your own cert would require a plan upgrade and then you can import it on the SSL/TLS tab.
Worth noting work is being done towards a solution for having to upload a certificate, and will likely be open to all plans if more browsers implement it and more CAs allow the extension:
This being universally supported by browsers is likely a few years away, though.
So if i buy the EDGE certificate (DEDICATED with custom hostname) will that provide CUSTOM SSL to me ? (I know EV SSL is not possible but atleast general SSL with PRO plan?)
To simply have TLS/SSL you don’t need to pay anything. This provided you don’t want EV (why would you, unless required by regulations, which is unfortunately still a thing?) or a subdomain which isn’t the root or covered by the root wildcard (*.example.com).