Serve cached static files over HTTPS using my own Lets Encrypt SSL cert

I have a web server in a VPS and I want to proxy the traffic to it using Cloudflare (Free Plan), mainly to cache static files. At the moment I use free Lets Encrypt SSL certs managed by Caddy web server. I have read about Cloudflares SSL certs and I want to know if my following assumptions are right:

-If I dont use a Cloudflare SSL cert, the dynamically generated HTML will be served over HTTPS, but the CDN cached static files will be served over HTTP and NOT over HTTPS (that is not a good idea). That is known as mixed content.
-I can NOT reuse my Lets Encrypt cert to serve the static files from Cloudflare using the Free Plan.
-So, the only option if I want to server ALL my resources over HTTPS and cache the static files in Cloudflare CDN, is to get a Cloudflare SSL cert (shared or dedicated). I dont want to use a shared cert, I want a dedicated one as I am doing with my Caddy server, since it improves SEO, but it is a paid service.

There is a way to server all my content over HTTPS, cache static files and have my own SSL cert for free?

Cloudflare’s certs aren’t shared and have no negative impact on SEO.

2 Likes

That is what this link says:

Custom Certificates

Cloudflare automatically provisions SSL certificates that are shared by multiple customer domains. Business and Enterprise customers have the option to upload a custom, dedicated SSL certificate that will be presented to end users.

That’s outdated. I haven’t had a chance to nag @kody in a while. Maybe they can ask around if that document needs to be updated. Poke around all the Cloudflare sites you know. You’ll be hard pressed to find any that still have that shared certificate.

1 Like

This link is the most uptodate documentation about SSL certs but it says nothing about prices or shared/dedicated certs. Do you have any link where I could read more about what you say. Thanks
https://developers.cloudflare.com/ssl/edge-certificates/universal-ssl

Howdy @victorlanalander, I can confirm that our free, Universal SSL certs are not shared across customers. That used to be the case, but that was a few years ago at least.

If you wanted more customization options, there are also advanced certificates, but I believe there’s a monthly charge for those. Your best bet for updated pricing is directly w/in the dashboard.

As far as your feedback about the docs:

  • I’ve updated all of our KB articles to make sure they’re up to date on that specific point.
  • I’ll be updating that universal cert page in our dev docs as well.
  • I also put in a ticket to another team to update https://www.cloudflare.com/ssl/.

And I’d be insulted if you didn’t bug me every so often, @sdayman.

3 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.