I am trying to update/setup about 30 domains so want to make sure I do it correctly, so I don’t have to go and do it again 30 times.
- All domains are hosted and the sites when NS were with the host created Let’s Encrypt certificates.
- Once I move the NS to Cloudflare those certificates will expire as the NS don’t directly point to the host
On my host’s help pages it says the only way to correctly secure the site is to issue a Cloudflare Origin certificate on the hosting site (well without paying for a SSL etc).
- Is this the best/only way to do it, and if I do that would I select Strict-Full on CF.
- Is there another way (my limited knowledge of SSL says not without buying a cert for each domain, as CF will send the visitor to the site and the site won’t have a SSL so will throw an error)
- If I do this for all 30 sites, will the Origin Cert expire and if so can it automatically update or will I need to update them manually each time.
I’m just after the easiest way to make sure the site is secure, and am trying to do it correctly the first time.