Before starting with Cloudflare, I had several two-level subdomains (https://sub11.sub1.foo.com, https://sub12.sub1.foo.com, etc.) working with Let’s Encrypt SSL certificates in the origin server. Everything worked ok.
I decided to use Cloudflare (Pro plan), but I left the Let’s Encrypt certificates working in the origin server. After some problems, Clodflare support team advised me to acquire the monthly custom dedicated certificate, and the website is now working ok with:
- The Let’s Encrypt certificates working on the origin server
- the “Full” encryption mode
- In the “Edge Certificates” tab, I have
- Active “Dedicated certificates” (green dot), for *.sub1.foo.com, *.sub2.foo.com, *.foo.com
- Active “Universal certificates” (green dot), for *.foo.com, foo.com
If I check the SSL certificates, they are working ok:
Common name : foo.com Alternative names (SANs) : foo.com, *.sub1.foo.com, *.foo.com, *.sub2.foo.com Organization: CloudFlare, Inc. Valid From Sep 21,2019 to Sep 21,2020 Signature Algorithm : ecdsa-with-SHA256 Issuer : CloudFlare Inc ECC CA-2
I have some questions:
- is it necessary to have the Let’s Encrypt SSL certificates running in the origin server? Wouldn’t it enough with SSL certificates just in Cloudflare? Can this issue (two certificates in Cloudflare and in the origin server) harm the speed of my website?
- is it necessary to activate both “Dedicated certificates” and “Universal certificates”?
Thank you very much in advance.