here is my setup
Nginx proxy Apache
now in order to avoid some conflict and error between cloudflare and runcloud I needed to setup Origin Certificates with cloud run. so I can get SSL and HTTPS showing otherwise i get an error 52.
so now I am thinking to use the full strict SSL option on cloudflare.yes extra security but I heard it might has it’s own issues. what are those issues ? should i bring it back to only full SSL?
here is my setup
Strict ensures that your server has a valid certificate. Without strict, Cloudflare will think “eh, it’s expired, or the wrong domain, but it’s encrypted. Good enough!” The Cloudflare “Origin CA” certificate is generated for your domain with a far-future expiration date, and Cloudflare considers this to be a valid certificate. But if you bypass Cloudflare, browsers won’t recognize the certificate as valid.
I use RunCloud, but use the dns-01 API method to validate, using my Cloudflare API Key. Not that “put a file on the server” method. I do this instead of the above “Origin CA” certificate for the reason stated above.
Either method (Origin CA, or RunCloud’s dns-01 verification) lets you use Full (Strict) at Cloudflare.
thank you sdayman.
as I understand the DNS-01 method would be better
now I see. how do I do DNS-01 method?
I am in the first free 5 days with runcloud and after I wont be able to use the SSL section so CA certificate will be cancel unless i sign up for paid membership.
would mind explaining how to do it ?
Sorry, that’s a paid plan feature at RunCloud. Here are their instructions:
This topic was automatically closed after 30 days. New replies are no longer allowed.