Setting up Full SSL (Origin CA) against just one sub domain


This is our current setup within our Cloudflare account. We have a main domain called and then a load of sub domains of it. The main domain has a “Pro website” plan.

Currently the main domain does not use SSL and is accessed over http. The sub domains all use flexible SSL. These sub domains point to various websites.

We have built a new website and we would like this to be accessed using a sub domain like Ideally, we would like to use Full SSL (Origin CA) for (just) this new sub domain.

From doing a lot of reading on the Cloudflare website I can see I could use page rules on this sub domain to set it up to use Full SSL (Origin CA).

Before I jump ahead and test this out, I thought it best to quickly ask the question to make sure it would work in case I start breaking the existing websites.


  • When logged into our account, on the Crypto page I can create a new Origin Certificate. Can this certificate be created and have NO affect on the main domain (still accessed by http) and existing sub domains? I don’t want to break anything.
  • Then using page rules on my new sub domain have SSL configured using the new Origin Certificate?
  • Can Origin CA prevent man in the middle attacks?



Basically yes to all three :slight_smile:.

This topic was automatically closed after 30 days. New replies are no longer allowed.