Using my own SSL Certificate

ssl

#1

Hello, I already have my own SSL certificate installed on my site’s server, and I just want to use Cloudflare as a CDN and not my SSL provider, but when I set SSL to off, redirect loop, full or full(strict), it uses it’s own SSL it assigned to me. How do I just use the SSL cert I want, and not the one Cloudflare assigned to me?


#2

There are a few things to consider here. If you want Cloudflare to proxy your traffic and cache any of your content you will need to have Cloudflare set to :orange: , which means you’ll also have to be using our SSL. However, you would be able to upload and use your own :cert: with our SSL if you were on the BIZ plan.

You can always use your existing SSL :cert: to secure traffic between your origin servers and Cloudflare, and let Cloudflare manage the SSL between the edge and your site visitors.

Are there particular concerns you have about using Cloudflare for your SSL?


#3

Well, on some of my devices Cloudflare’s SSL is distrusted sometimes, so I
got a Let’s Encrypt certificate.


#4

If you think that the Cloudflare :cert: is getting flagged incorrectly I would recommend reporting it to support. There are also options to purchase a personal, dedicated :cert: via Cloudflare if you are interested.


#5

No, I do not want to pay for anything.


#6

Understood, but if you want to use Cloudflare as a CDN you will need to use Cloudflare’s SSL. I think your best bet is to use your existing cert to secure your origin and let supportATcloudlfareDOTcom know if you see any warnings that there are trust problems.


#7

Hi Ryan,
I’m in a similar situation meaning that I have a verified SSL installed on my MediaTemple server (the certificate is working). I’ve set SSL to Full Strict on Cloudflare but the SSL certificate is not working. I’ve been reading that if my account was added before Dec 6, 2016 I need to remove the account and re-added in order to have Cloudflare adding the free SSL certificate … or I will need to move to a Biz account.

Is that the case or am I missing to activate some settings in the crypto page? Aside from the explanation of the different versions of SSL (flexible, full … etc) I can’t find any article that indicate what else should be activated.

Thanks for your help.

Best,


#8

What’s not working with your certificate? On Cloudflare’s Crypto tab, what’s your Status for the SSL setting?


#9

The error I’m getting trying to browse https://www.mysite.com is that the browser can’t establish a secure connection.
I can see that the SSL certificate is working fine on the origin site but not on Cloudflare.

The status for SSL is set for FULL Strict


#10

In the Crypto tab with the SSL setting, there should be a Status reading that says “Active.” Is it Active, or is it Pending (or some other status)?


#11

There’s no status whatsoever


#12

Is this where you are looking?


#13

Indeed. Keep in mind the site was added before Dec 2016


#14


#15

I think that the hosting partner you signed up with didn’t setup auto SSL until after you added your domains. Which means that you will probably have to remove and re-add them to your account to kick off the SSL process.


#16

Understand. I thought so. Will the process create disruption for my site since you will probably modify the DNS.


#17

It shouldn’t, because you don’t have SSL yet. However if you want to be extra careful you could change your DNS at your registrar to temporarily point away from Cloudflare.


#18

Ok, thank you.


#19

hi ty for great cloud flare it is realy great but im from iran and i already bought dv ssl from comodo from third party company ، after i actived cloudflare dns on my domain ،my comodo ssl deactived and i cant use it anymore،i cant use paid plan of cloud flare because all international payment are blocked in iran US sanctions prohibit trade with Iran. For that reason, international payment and credit cards cannot be used from iran and there is no third party company for help to buy cloud flare biz plans plz if there is way to active my own ssl again without paid plan plz tell me know Otherwise, im realy sorry i have no choice i have to disble cloud flare :(( plz just add ability of use own ssl for who paid for ssl:(


#20

If you are bringing your own :cert: you will have to be on a BIZ plan. Is there a reason you don’t want to use the free SSL :cert: that comes on the FREE plan?