Ssl dedicated certificate for my server

Hi , just ordered dedicated certificate on cloudflare … I need to install it on my server to get encrypted email . Where do I download the certificate or will it be sent to me ? Or am I doing this wrong ? I see active certificate is still Universal .

The dedicated certificate never leaves Cloudflare’s infrastructure. If you want a certificate to install on your server you simply have an Origin certificate issued. Thats a few click in the Crypto section.

Ok thanks … In that case how do I cancel the certificate I just ordered ? Will there be some sort of conflict between the two ?

There should be a button in the UI to cancel that certificate for future renewals.

I installed the Origin certificate on my server using plesk .
I get the following error in browser , should I contact my hoster or did I do something wrong ? It is a windows server :

This site can’t provide a secure connection

mysite.com uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Unsupported protocol

The client and server don’t support a common SSL protocol version or cipher suite.

Whats the domain?

cdc.com

You didnt disable the universal certificate, did you?

Sure I did .

Well, you will need to re-enable it.

Ok now I am not getting it .

Why does Universal need to be enabled ?

Because you need a certificate on Cloudflare and I assume you cancelled/disabled the dedicated certificate, right?

So the origin certificate will be only used for my email and the universal for everything else is that correct ? Sorry but I am technically challenged on this stuff .

No, mail is not handled at all by Cloudflare. The Origin certificate will be used to encrypt the connection between Cloudflare and your server. When you proxy through Cloudflare you have two connections for each request. #1 from the user to Cloudflare, which uses the dedicated or universal certificate. And #2 from Cloudflare to your server, which uses whatever certificate you configured on your server (an Origin certificate in your case).

Can you post a full page screenshot of your Crypto screen?

1 Like

Ok I don’t know how to get the full page screenshot yet .
But just a sec . My site was working just fine with Universal certificate . Why do I need an origin certificate then ? My only problem is I don’t have encrypted email … so i guess I have to get a certificate elsewhere ?

You need an Origin certificate for the second connection.

Email is a completely different topic and not handled by Cloudflare at all.

Ok i am getting it now .
But can I use the origin certificate to encrypt my email or do I need to get another certificate for that ?

No, the origin certificate is intended to be used with connections from Cloudflare.

Again, email is a different subject and completely unrelated to Cloudflare.

Ok got it now . I have the origin cert installed on my server and my site is up so I guess everything is good on that front . Thanks for your patience and clearing all that up for me .

1 Like