Validating a Let’s Encrypt Certificate on a Site Already Active on Cloudflare

Validating a Let’s Encrypt Certificate on a Site Already Active on Cloudflare

Was this article helpful?

No! Because not a single word on the procedure or settings that are needed - or not needed - on Cloudflare.

I see room for improvement for that page.

You already have or have had an SSL certificate generated from Let’s Encrypt for your domain and sub-domain(s) before you added your Website/domain to Cloudflare?

If so, try turning :orange: to :grey: for your A www and A yourdomain (or CNAME).
Then run the process of renewing the LE’s SSL certificate at your host/origin server (either via some interface - GUI, or command line tool - CLI).
Upon success, turn back to :orange:.

Or use Cloudflare CA origin certificate for HTTP/HTTPS traffic, while LE’s certificate for mail sub-domain (which has to be :grey: to make e-mail work).

Or why not purchasing one from resellers like NameCheap, Comodo, etc. or a Cloudflare Advanced Certificate Manager (Dedicated SSL)?

I have LE SSL running. My question was about the CF settings. Currently I use:

Full(Strict)
Always Use HTTPS
Edge Certificates > Unversal
Client Certificates > none
Origin Certificates > none
Authenticated Origin Pulls > ON

I wonder if those settings are correct.

1 Like

All good!

Actually, not needed if not configured at your host/origin.