Good answer but you can also generate a free SSL certificate by cloudflare but the issue confusing because you need to choose the LET CLOUDFLARE GENERATE PRIVATE KEY AND CSR but also gives you the option to use your own CSR but generate errors like PRIVATE KEY CSR NOT VALID ERROR 1008. I performed a decoder function on the CSR and it comes out good but I knew it was a self signed certificate and I want it to play with the second option in the list that state “I HAVE MY OWN CSR AND PRIVATE KEY” in my conclusion it could be that the certificate is self signed so I think the cloudflare team should update the documentation to say “I HAVE MY OWN CA SIGNED CSR AND PRIVATE KEY” or research why a self signed certificate will generate the csr 1008 error message. I’m was out doing some crypto investing and just came back to play with the server and found this so I said let me share it for the other newbies out there. GO AHEAD AND CHOOSE LET CLOUDFLARE GENERATE PRIVATE KEY AND CSR and you should be fine I hope. Still @sdayman comment on using SSL full implementation should be hopefully applicable to this cloudflare certificate…!!
The following articles can be use as reference for advance CSR issues: