I am managing some DNS records on CloudFlare and I have some deployments on DigitalOcean.
The first issue I have is the SSL certificates for my deployments. I generated a CA Certificate with CloudFlare dashboard, I imported it on DigitalOcean (Bring my certificate) and then I reference its ID in my deployments. The browser gets the https but with a warning and when curling I get the following message:
curl -X GET “https://api.mydomain.com”
curl: (60) SSL certificate problem: unable to get local issuer certificate
So how can I import a proper SSL certificate to DigitalOcean?
The second issue I’m getting is with a firewall here on CloudFlare. I setup some rules and they work perfectly when hitting the hostname “kibana.mydomain.com”, but not the IP behind the hostname. Though I couldn’t see in the Firewall rules how to add such IP, nor in the Firewall documentation. Am I missing something? How do I ensure that such resource (hostname or its IP) are allowed/block by some rules?