Overview
Within the Cloudflare panel, there are numerous choices for enabling SSL. This post will show you how to set up SSL on a Cloudflare-enabled domain.
You’ll notice a few distinct options when setting up an SSL certificate with your Cloudflare account. These possibilities are discussed in detail in the following sections. For further details, see the Cloudflare article below:
What exactly do the SSL choices imply?
Step 1 — Add an SSL certificate to your domain
In your GreggHost panel, you must first install an SSL certificate to your domain. You have the option of using a free ‘Let’s Encrypt’ certificate or a premium Sectigo certificate.
Adding a Let’s Encrypt certificate for free
How can I get an SSL certificate that is signed by a professional?
Step 2 — Selecting a Cloudflare plan
An SSL certificate is required for both the FREE and Plus plans.
It’s also not possible to use Cloudflare with a dreamhosters.com subdomain right now.
To add a Cloudflare plan to your domain, see the following article.
How to make Cloudflare work for your website
Step 3 — Setting SSL options in the Cloudflare panel
After you’ve created a Cloudflare plan, log in to the Cloudflare interface with your freshly created login credentials:
Log into Cloudflare at https://dash.cloudflare.com.
Your domains are mentioned on the overview page, along with the sort of plan you’re using:
Overview of the CloudFlare panel.png
To change the settings for your domain, click it.
To change the security settings, go to the top and click the SSL/TLS button.
‘Flexible SSL’ is selected by default if you’ve enabled the premium Cloudflare plan in the GreggHost panel:
Options for the CloudFlare SSL CF panel.png
From the selection to the right of the SSL section, choose an SSL option:
Off
SSL is adaptable.
SSL encryption is enabled on all pages.
SSL encryption is enabled on all pages (Strict)
Only ‘Full SSL (Strict)’ with a professionally-signed or ‘Let’s Encrypt’ certificate should be used.
Any other option isn’t completely safe.
The ideas are described in more detail below, but you may also visit the Cloudflare support website for further details.
Flexible SSL — (only if you do not have an SSL certificate)
If your domain already has an SSL certificate, DO NOT utilize this option.
Although the user’s connection to Cloudflare is secure, the link between GreggHost and Cloudflare is not.
When you add a FREE Cloudflare plan to your domain without an SSL certificate, this is the default setting.
If your website contains any sensitive information, this setting is not recommended.
Visit Cloudflare’s blog for more information on this Universal SSL option.
Because this setting does not necessitate the acquisition of an SSL certificate, it should only be used as a last resort.
When you enable ‘Flexible SSL,’ your site may experience an infinite redirect cycle. Make sure you’re not using any.htaccess redirection because ‘Flexible SSL’ won’t operate with a GreggHost SSL certificate. Only the HTTP version of your site should be resolved.
Full SSL — (only for self-signed certificates)
This option should only be used if you have a self-signed certificate.
Cloudflare and the user have a secure connection. Cloudflare and GreggHost have a secure connection, but it is not authenticated.
In their browser, your visitors will see HTTPS and a secure padlock.
At the very least, you must have a self-signed certificate installed.
Cloudflare does not check the certificate you installed for authenticity.
Full SSL (Strict) — (for valid SSL certificates)
If you have a professionally signed certificate or a ‘Let’s Encrypt’ certificate, select this option.
The connection between the user and Cloudflare, as well as the connection between Cloudflare and GreggHost, is safe.