ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    Setup a Cloudflare Origin Certificate for use on a backend server

    IT Discussion
    cloudflare origin certificate ssl
    4
    18
    468
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBusch
      JaredBusch last edited by

      looks pretty easy actually.
      3adc1918-1dbb-4f0b-8dd6-f8d78f761fdb-image.png

      stacksofplates 1 Reply Last reply Reply Quote 1
      • stacksofplates
        stacksofplates @JaredBusch last edited by stacksofplates

        @JaredBusch said in Setup a Cloudflare Origin Certificate for use on a backend server:

        looks pretty easy actually.
        3adc1918-1dbb-4f0b-8dd6-f8d78f761fdb-image.png

        oh nice, that does look simple. I had to paste the different sections of the cert into the config page for GitLab Pages.

        cloudcert.png

        1 Reply Last reply Reply Quote 0
        • stacksofplates
          stacksofplates last edited by

          So likely when I need to renew my cert it will be less work to just flip that toggle than to generate the cert from cloudflare and paste it into GitLab. I won't need to do that for another year or two though.

          JaredBusch 1 Reply Last reply Reply Quote 0
          • JaredBusch
            JaredBusch @stacksofplates last edited by

            @stacksofplates Since I setup my origin cert as a 15 year cert, I went ahead used it on GitLab pages. Totally get the point that it is simple either way though.

            1 Reply Last reply Reply Quote 1
            • JaredBusch
              JaredBusch last edited by JaredBusch

              As an addendum to the original post.

              • If you are using GitLab pages to host your site, as I am with my Hugo version of jaredbusch.com
              • And you want to use the Cloudflare origin certificate, then you need to get Cloudflare's root CA cert also.

              Cloudflare has an article about it that you can read here.

              If you followed my guide above, you need to get the "ECC" version of the cert.
              f4f9169a-12d0-407e-aad1-dcd17cc74f8f-image.png

              1 Reply Last reply Reply Quote 1
              • FATeknollogee
                FATeknollogee last edited by

                noob question here:
                If you're hosting on Cloudflare, this should be used instead of LE?

                JaredBusch scottalanmiller 2 Replies Last reply Reply Quote 1
                • JaredBusch
                  JaredBusch @FATeknollogee last edited by

                  @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

                  noob question here:
                  If you're hosting on Cloudflare, this should be used instead of LE?

                  The website is hosted on GitLab Pages.
                  My DNS is on Cloudflare.

                  Technically, these are unrelated things. Aside from the DNS needing to point to a server someplace.

                  If you turn off the proxy (orange cloud) on Cloudflare, then you can use the LE certificate on GitLab. GitLab should not be able to use an LE certificate if you have the proxy on, because Cloudflare is the MitM and the auth request should not pass through.

                  1 Reply Last reply Reply Quote 1
                  • scottalanmiller
                    scottalanmiller @FATeknollogee last edited by

                    @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

                    noob question here:
                    If you're hosting on Cloudflare, this should be used instead of LE?

                    Not about "should", it's about which makes more sense for you in a given situation.

                    FATeknollogee 1 Reply Last reply Reply Quote 0
                    • FATeknollogee
                      FATeknollogee @scottalanmiller last edited by

                      @scottalanmiller said in Setup a Cloudflare Origin Certificate for use on a backend server:

                      @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

                      noob question here:
                      If you're hosting on Cloudflare, this should be used instead of LE?

                      Not about "should", it's about which makes more sense for you in a given situation.

                      "could" would probably have been a better word choice.

                      scottalanmiller 1 Reply Last reply Reply Quote 0
                      • scottalanmiller
                        scottalanmiller @FATeknollogee last edited by

                        @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

                        @scottalanmiller said in Setup a Cloudflare Origin Certificate for use on a backend server:

                        @FATeknollogee said in Setup a Cloudflare Origin Certificate for use on a backend server:

                        noob question here:
                        If you're hosting on Cloudflare, this should be used instead of LE?

                        Not about "should", it's about which makes more sense for you in a given situation.

                        "could" would probably have been a better word choice.

                        Yup, you definitely can 🙂

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post