SSL connections


#1

Hi

I have 2 sites of 2 different domains hosted on Namecheap both of them are protected by Cloudflare.

I understand that Cloudflare has provided both sites with SSL certificates.

When I access my sites using HTTPs I am routed to HTTP…

I need that my sites will to be secured because of Google demands. (Site security rating).

How do I do this ?

Do I need to install SSL certificates on my hosted sites?

What SSL do I need to Install on my sites the ones I bought from namecheap or Cloudflare’s ?
or I need to setup page rules ?

Thanks

Itamar


#2

So, first check whether SSL is already generated by Cloudflare. You can check it on the Crypto tab at Cloudflare Dashboard:

ssltab

If it shows “Active Certificate” like the picture above, SSL is already activated. If not, you’ll need to wait for Cloudflare to generate a certificate.

Before continuing, if you’re using WordPress, install the Cloudflare plugin.

After the certificate is on, set it on Flexible Mode for now. It would be best if you change it to Full (Strict) in the future, but’ll you’ll need to install a SSL in your origin server.

Now, check whether your domain is accessible through HTTPS, if it does, go slightly down at the Crypto tab and turn on Always Use HTTPS and Automatic HTTPS Rewrites.

After you confirm that SSL is on and visitor is automatically redirected to HTTPS, you can generate a valid certificate and then install it on your origin server. You need to consult how to install the SSL certificate at your origin server with NameCheap. If a valid SSL certificate is on at your origin server, you can then change your SSL mode to Full (Strict).


#3

Thanks for the quick reply.

I have checked my cloudflare page redirection rules and found out that all traffic was redirected to HTTP.

Do i need to disable this rule?

Itamar


#4

Yes, you’ll need to remove the rule.