My SSL cert still not active and website still down

Hi guys

I got a new free SSL certificate from Cloudflare today for my website, which is hosted with Crazy Domains (Domain and website).

I ensured that all the A record and MX records were added to Cloudflare.
How long does it usually take for my DNS to propogate? It has already been 4 hrs. The nameservers for my domain point to Cloudflare’s nameservers.

Thanks for your help,

If your server does not have SSL, you need to fix that first as Cloudflare alone won’t secure your site.

I would recommend to pause Cloudflare (Overview screen, bottom right), make sure the site loads fine on HTTPS, and only then unpause Cloudflare.

All good- didn’t need to do that. The site is loading fine now :slight_smile:

Can I get a yearly free SSL cert from Cloudflare? I don’t want to have to renew this SSL every 90 days!

You can get an Origin certificate, which you can configure up to 15 years.

Just make sure your encryption mode on Cloudflare is Full Strict.

How much does the Origin cert cost?

Origin certificates are free.

Can you tell me what I need to get a free Origin cert? Do I also need to have an origin server?
This is the info I can see within SSL/TLS>Origin Server:

Origin Certificates

Generate a free TLS certificate signed by Cloudflare to install on your origin server.

Origin Certificates are only valid for encryption between Cloudflare and your origin server.

Sure, you get the certificate issued there and then configure it on your webserver, just like other certificates.

Thx so much! So I create a origin Cert there, then get it installed on Crazy Domains (my webserver)?
Do I need to change any DNS records, nameserver again? Where are the instructions to create this SSL.
Whilst I create the Origin Cert, I dont want my website to go down. Can you guide me?

No DNS changes necessary, you simply get the certificate, configure it on your server, make sure your encryption mode on Cloudflare is Full Strict, and you are set :slight_smile:

Thanks.So next time, I should just set up an Origin cert without setting up an Edge cert?
What is the Key format to select?

Also in step 2. Install Origin CA on origin - do you have instructions for Crazy Domain?
Basically, do you have instructions on what config I should select for Crazy domains?

Also, I cannot log into my email connected to my domain. How long before I can do this?

You still need an edge certificate, as that is the proxy certificate. However, that is managed by Cloudflare anyhow.

You do need a certificate on your server as well, and that’s the Origin certificate.

I basically need to know:

  1. When can I log back into email
  2. Do you have Crazy Domains instructions I can give them so that they can install it on the web server (my website is hosted with them).
  1. Whenever your site is working again.
  2. Your host is the right contact for that question. They should actually provide the certificate in the first place.

I still recommend what I wrote in the first response.

What does pausing Cloudflare do? When I unpause, will it take another 4 hrs for my site to propogate?

  • You mean my host should provide the SSL cert? They are $80/yr!

That is true, pausing involves DNS propagation.

If your host charges too much for the certificate, maybe it is a good idea to change host. But you always the the Origin option which is free.

Thanks. I wont pause for now. I need my site running.I will wait a few hrs then for my email MX record to propogate then? How long does it usually take?
So if I give the cert files from Cloudflare to Crazy, they should know how to install them?