Cloudflare offers several options to enable SSL within the panel. This article is an overview of how to enable SSL for a Cloudflare-enabled domain.
When setting up Secure Hosting with your Cloudflare account, you’ll notice a few different available options. The following sections detail these options.
Selecting a Cloudflare plan
- The first step to setting up SSL on your domain using Cloudflare is to add a Cloudflare plan to the domain. Both FREE and Plus plans work with an SSL certificate.
- It’s also currently not possible to add Cloudflare to a dreamhosters.com subdomain.
- Go to the (Panel > ‘Domains’ > ‘Manage Domains’) page.
- Do one of the following:
- If you have not added your domain on the panel yet, click the Add Hosting to a Domain / Sub-Domain button near the top of the page.
- If you've already added your domain on the panel, click the Edit button under the 'Web Hosting' column to the right of your domain.
- Confirm that the 'Enable Cloudflare on this domain' checkbox is checked.
- Two drop-down lists, 'Cloudflare Account' and 'Cloudflare Subscription' appear beneath the checkbox once this option is selected.
- Select either the FREE or Cloudflare Plus option from the "Cloudflare Subscription" drop-down.
- If you are adding a new domain, scroll down and click the Fully host this domain button.
- If you're editing an existing domain, scroll down and click the Change Settings button.
SSL options in the Cloudflare panel
Once you create a Cloudflare plan, use your newly-created login credentials to log in to the Cloudflare panel:
- Go to https://www.cloudflare.com/login and log in.
- On the overview page, your domains are listed along with what type of plan you're using:
- Click your domain to alter its settings.
- If you've enabled the paid Cloudflare plan in the DreamHost panel, 'Flexible SSL' is selected by default:
- Click the Crypto button at the top to adjust the security settings.
- Select an SSL option from the dropdown to the right of the SSL section:
- Flexible SSL
- Full SSL
- Full SSL (Strict)
An explanation of the plans is mentioned below, but you can also view further information by visiting the Cloudflare support page.
- means that visitors to your site will be able to connect using https, but the connection between DreamHost and Cloudflare is not encrypted.
- is the default setting for your domain when you add a FREE Cloudflare plan to your domain without an SSL certificate.
- is NOT recommended if you have any sensitive information on your website.
- View Cloudflare's blog post about this Universal SSL option.
Full SSL and Full SSL (Strict)
Full SSL means that the connection between DreamHost and Cloudflare is encrypted.
- Your visitors will see HTTPS and a secure padlock in their browser.
- You must have a self-signed or a professionally-signed certificate installed to use the Full SSL service.
- View Secure Hosting for information on how to create an SSL certificate with DreamHost.
To set up Full SSL:
- Complete the steps described in Selecting a Cloudflare Plan described above.
- Confirm that Secure Hosting is added to your domain.
- Use the Cloudflare dashboard to enable Full SSL (or Full SSL Strict) on your domain.
Only a professionally-signed certificate will work for Cloudflare’s Full SSL (Strict) setup.