How to Get an SSL Certificate from Cloudflare

Online privacy is now a top priority, and having a secure website is no longer optional – it’s a necessity. An SSL certificate encrypts data transferred between your website and its visitors, protecting sensitive information like passwords and payment details. Not only does this safeguard your users, but it also boosts your site’s credibility and improves search engine rankings.

Cloudflare makes securing your website easier and more affordable by offering free and paid SSL certificates. No matter if you’re a beginner or an advanced user, Cloudflare’s streamlined process allows you to obtain and install SSL quickly. This guide will walk you through everything from generating an SSL certificate on Cloudflare to installing it on your web server – ensuring your site is protected and fully encrypted.

What Is an SSL Certificate and Why You Need It

An SSL certificate (Secure Sockets Layer) is a security tool that protects the information shared between a website and its visitors. It keeps things like passwords, credit card details, and personal data safe from hackers by encrypting the connection.

When a website has an SSL certificate, it uses HTTPS (HyperText Transfer Protocol Secure) instead of HTTP, which means all communications between the user’s browser and the website are encrypted. This encryption scrambles the data so that only the intended recipient can read it, making it nearly impossible for cybercriminals to access or manipulate the information.

SSL certificates are issued by Certificate Authorities (CAs), trusted organizations that verify a website’s identity before providing the certificate. This helps establish trust between users and websites, as visitors can see a padlock icon in their browser’s address bar, signaling that the site is safe and secure.

Read more: Guide to Securing Your WordPress Site

Why Do You Need an SSL Certificate?

  • Keeps Data Safe – SSL locks your information so hackers can’t steal it.
  • Boosts Google Ranking – Google favors secure (HTTPS) websites, helping them rank higher in search results.
  • Builds Trust – The padlock symbol in the address bar shows visitors your site is safe.
  • Meets Security Rules – Many online regulations require SSL to protect user data.
  • Avoids “Not Secure” Warnings – Without SSL, browsers warn users that your site isn’t safe, which can scare them away.
  • Aligns with Compliance: Meets industry standards like PCI-DSS for online transactions.

Simply put, an SSL certificate keeps your website secure, improves trust, and helps with SEO, making it a must-have for any website today.

How to Get an SSL Certificate from Cloudflare

To get an SSL certificate from Cloudflare, follow these simple steps:

Step 1: Sign Up or Log In to Cloudflare

Go to Cloudflare.com and log in or create a free account. You can use your Google or Apple account or any other email address while signing up. Upon successful login, you’ll see the Cloudflare dashboard with all available configuration menus in the left side panel.

Step 2: Add Your Website

You’ll be automatically taken to the Account Home page. Enter your domain name in the designated field or register a new domain with Cloudflare. Click Continue, and Cloudflare will scan your DNS records – review and confirm they are correct.

Add your domain to cloudflare

Step 3: Select the Right Plan for Your Needs

Once your domain is added correctly, Cloudflare prompts you to choose a plan for your domain. We’ve chosen the Free plan here. You can go for the Pro plan if you need advanced SSL features.

Select a Cloudflare free plan

Step 4: Update Nameservers Carefully

This is the most important part of this tutorial. Updating the nameservers correctly is crucial to establishing a connection between your website and Cloudflare. Cloudflare will provide two nameservers (e.g., adam.ns.cloudflare.com and emma.ns.cloudflare.com).

You can get the nameservers either under the Overview tab or by navigating to DNS > Records and scrolling down to find the nameservers provided by Cloudflare.

Replace the dns with cloudflare's nameservers

Now, go to your domain registrar (e.g., Hostinger, GoDaddy, Namecheap) and update your current nameservers with the ones Cloudflare provides.

It may take up to 24 hours for propagation, but usually, it’s faster.

Step 5: Enable SSL/TLS Encryption

While people still use the term “SSL,” most modern encryption actually uses TLS for security. Cloudflare and other providers issue TLS certificates, even if they are commonly referred to as SSL. So don’t get confused seeing TLS here.

Go to SSL/TLS > Overview in the dashboard. And choose from:

  • Automatic SSL/TLS (default): Cloudflare analyzes your traffic to determine if enhanced encryption is needed and automatically adjusts your settings accordingly.
  • Custom SSL/TLS: Choose the encryption mode that Cloudflare will use to establish a connection with your origin server.

You can choose the custom encryption mode, and we recommend selecting the Full (Strict) option. This ensures full encryption with a valid SSL certificate on your origin server.

Select ssl tls type

Step 6: Configure the Edge Certificates

Enable Always Use HTTPS and Automatic HTTPS Rewrites under SSL/TLS > Edge Certificates to force secure connections.

  • Always Use HTTPS: Redirects all HTTP requests to HTTPS, preventing insecure connections.
  • Automatic HTTPS Rewrites: This fixes mixed content issues by rewriting HTTP links to HTTPS when possible, ensuring a fully secure browsing experience.
Always Use HTTPS - Edge certificates

These settings help protect user data, improve SEO rankings, and maintain trust by enforcing secure connections across your site.

Step 7: Verify SSL Is Working

After installing an SSL certificate, follow these steps to confirm that it’s properly set up and securing your website:

  • Open your browser and visit the website using https://yourdomain.com.
  • Look for a padlock icon in the address bar.
  • Click the padlock to view SSL certificate details.

You can also use an SSL Checker Tool. Test your SSL installation with online tools like:

These tools check for expiration, security issues, and proper configuration. If you know how to use commands, run the following command to check SSL on your server:

curl -I https://yourdomain.com

If SSL is working, the response should include HTTP/2 200 OK or HTTP/1.1 301 Moved Permanently (redirecting to HTTPS).

Step 8: (Optional) Generate an Origin SSL Certificate

This step is necessary if your hosting doesn’t support SSL. Install the generated certificate on your web server. Go to SSL/TLS > Origin Server > Create Certificate.

  • Select “Generate private key and CSR with Cloudflare”.
  • Choose your private key type.
  • Add hostnames (e.g., *.example.com and example.com).
  • Choose the certificate validity period (15 years by default).
  • Click “Create” and copy the certificate (cert.pem) and private key (privkey.pem) for your server.

Your Cloudflare Origin SSL Certificate is now ready!

Create an ssl from the origin server

Step 9: Install SSL Certificate on Your Web Server

To install the Cloudflare Origin SSL Certificate on your web server, follow these steps based on your server type:

For Apache

Access your server via SSH: ssh [email protected]. Create directories for SSL: sudo mkdir /etc/ssl/cloudflare. Upload the certificate and key: Copy cert.pem and privkey.pem to /etc/ssl/cloudflare/.

Update Apache Configuration: Open the SSL configuration file, usually:

/etc/apache2/sites-available/yourdomain.com.conf: sudo nano /etc/apache2/sites-available/yourdomain.com.conf

Ensure these lines are present and updated:

SSLEngine on

SSLCertificateFile /etc/ssl/cloudflare/cert.pem

SSLCertificateKeyFile /etc/ssl/cloudflare/privkey.pem

Enable SSL and Restart Apache: sudo a2ensite yourdomain and sudo systemctl restart apache2

For Nginx

Access your server via SSH: ssh [email protected]. Create directories for SSL: sudo mkdir /etc/nginx/ssl. Upload the certificate and key: Copy cert.pem and privkey.pem to /etc/nginx/ssl/.

Update Nginx Configuration: Open your Nginx site configuration, usually:

/etc/nginx/sites-available/yourdomain.com.conf:sudo nano /etc/nginx/sites-available/default

Add or modify these lines inside the server:

server {
listen 443 ssl;
server_name yourdomain.com;

ssl_certificate /etc/nginx/ssl/cert.pem; 

ssl_certificate_key /etc/nginx/ssl/privkey.pem;

location / { 
    proxy_pass http://localhost:80;
    }
}

Test and Restart Nginx: sudo nginx -t and sudo systemctl restart nginx

For cPanel or Other Control Panels

cPanel is a widely used control panel for website management. While we’ve demonstrated the process using cPanel here, the steps are somewhat similar for other popular control panels as well.

  • Log in to cPanel.
  • Go to Security > SSL/TLS.
  • Click Manage SSL Sites under Install and Manage SSL.
  • Paste the contents of:
    • Certificate (CRT): From cert.pem.
    • Private Key (KEY): From privkey.pem.
  • Click Install Certificate.

Now verify your website’s SSL certificate as we’ve shown in #Step 7.

Simplify the SSL Certification Process with FlyWP

Now that you’ve learned how to obtain an SSL certificate from Cloudflare and install it on your web server, you may find the process a bit complex, especially if you have limited technical experience. However, using FlyWP makes this much easier. With its intuitive GUI, even those with minimal technical knowledge can easily add an SSL certificate.

Complete the following simple steps to install and verify an SSL certificate on FlyWP. Log in to your FlyWP dashboard. Select your Server and website from the Sites section. Click on SSL from the left-side menu.

Simplify the SSL Certification Process with FlyWP

Under the New Certificate section, choose either:

  • Let’s Encrypt (for a free SSL certificate).
  • Install Existing (if you have an SSL certificate to upload).

Follow the on-screen instructions to complete the installation. Your SSL certificate is now successfully installed and verified on FlyWP! It’s that simple with FlyWP. Learn more about FlyWP’s SSL Management.

Final Thoughts

Securing your website with an SSL certificate is essential for protecting user data and improving trust. While obtaining an SSL certificate from Cloudflare and installing it on your web server can be a bit technical, the benefits of enhanced security, improved SEO, and a better user experience make it well worth the effort.

For those who find manual installation overwhelming, cloud server management platforms like FlyWP can make the process much easier. With its intuitive interface for managing SSL certificates, FlyWP streamlines not only SSL management but also the overall cloud server management. You can easily ensure your website stays secure with minimal effort.

Looking for a simpler way to manage your SSL and cloud server? Try FlyWP to take the hassle out of both and keep your website running securely.

Add your first comment to this post