SSL Certificate for origin server signed by Cloudflare is not valid for end user

I have generated a free SSL Certificate for my origin mail server from Cloudflare, and I have to SSL mode to full strict.
If I access the mail and send a mail using SSL SMTP port, will I still be warned because the SSL only valid for Cloudflare and origin server ?

Since mail traffic cannot be proxied through Cloudflare by default, you will expose your origin web server’s IP addres …

Cloudflare’s default configuration only allows proxying of HTTP traffic and will break mail traffic.

Unfortunately, Cloudflare Origin CA certificate doesn’t work for e-mail, neither Cloudflare does proxy e-mail traffic.

You would need to either buy an valid one for your mail hostname, or generate one using for example Let’s Encrypt.

Furthermore, to make your e-mail service work propperly, kindly click on the :orange: button in a row at DNS tab where is A mail to make it :grey: (DNS only). Your A mail hostname (DNS record) should be unproxied :grey: cloud.

https://support.cloudflare.com/hc/en-us/articles/200168876-Email-undeliverable-when-using-Cloudflare

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.