No announcement yet.

Cloudflare SSL

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cloudflare SSL


    If you are having issues with cloudflare SSL, which now allow free SSL, even on all existing Cloudflare accounts, you are best advised as follows:

    If existent cloudflare user

    disable cloudflare
    enable cloudflare

    This will auto create a cloudflare free SSL, but can take upto 24 Hours (see cloudflare warning/message) It does appear to take less then 30 minutes on all accounts I have tried though so far

    New cloudflare accounts, SSL auto created

    If you have any CAA records created, you first need to delete the CAA record, then complete as above

    You could though, add in Cloudflare CAA records, which are as follows:

    so you would need to create 4 CAA records with allow wildcards on domain (the forth been Lets Encrypt)

    The last thing which may stop the www. site been viewed, is the cloudflare SSL set as flexible (default on Cloudflare), so you need to login to cloudflare and change the SSL from flexible to Full or Full strict. once done, you refresh your website in browser, and it should start to show normally

    I hope that helps a little

    Many thanks

    You can configure CAA records by visiting the DNS tab of your Cloudflare settings - please follow the steps below: Step 1 - Log in to the...

  • #2
    Great info but one question, Cloudflare says we need SSL certificate on origin server for Full/Full Strict to work well, so should we really use it instead flexible?
    gta apk


    • #3
      Hi Brad

      Welcome to IW forums

      Yes, you need to create the SSL for domain in IW-CP, and if using CLoudflare, set to full/full strict as you prefer/require.

      The reason for using Cloudflare SSL is so it does not break the domain SSL when browsing, as partial content of website would be served from CLoudflare CDN

      Many thanks