I originally purchased a domain from cloudflare and connected it to my fourthwall POD store. After getting all of the Dns setup and the R2 storage I decided to look at the ssl security. I’m fairly new at this stuff so I think I made a big mistake. I created a origin certificate but don’t know where to install it. I don’t have access to fourthwall’s servers so not sure what to do. I thought about revoking it but it gave me a warning about blocking traffic from the origin server until I replace the certificate, which would give me the same issue. Is there a way to remove it or maybe bypass it in settings? Any help would be greatly appreciated.
But for the standard Fourthwall website/store, you don’t need Cloudflare’s Origin Certificate at all. In fact, Fourtwall requires that you disable Cloudflare’s proxy (ie set Proxy Status to DNS Only ) and with this, you cannot use Cloudflare’s Origin Certificate anyway.
As a hosted platform, Fourthwall has its own caching, security and DDoS protection, and will provision an SSL certificate for your site automatically (once your domain is properly connected).
First of all, thank you for your reply. Second, originally I was wanting to add some custom HTML code to my site to personalize it beyond what the template would allow me to do. In order to do that I needed to embed some images from an external source since fourthwall doesn’t give you access to a image library for custom website images. I thought it would be more secure and faster to go through cloudflare’s R2 storage than using a 3rd party to host the images. However, I now realize that when I added the R2 bucket and connected it to my domain it created a dns record set to proxy and you can’t change it to dns only sigh. So I guess that’s why it allowed me to add the origin certificate smh. I’ve deleted the R2 bucket, hence removing the R2 dns record, but that still leaves the origin certificate showing in the origin certificate tab. So I don’t know if that’ll hinder my site or if there’s anything I can do to remove it or bypass it. Any suggestions would be helpful and appreciated. Thanks.
You can safely delete any Origin CA certificate that you did not use. The warning you cited is written with the assumption that you are actively using the certificate.
) and with this, you cannot use Cloudflare’s Origin Certificate anyway.