Overview
This article explains how to use a DreamHost SSL certificate with a Cloudflare-enabled domain.
Configuring an SSL certificate with Cloudflare
The following steps configure an SSL certificate with your Cloudflare account. See this article for further information on these encryption modes below.
Add an SSL certificate to your domain
You must first add an SSL certificate to your domain in your DreamHost panel. This can be a free Let's Encrypt or a professionally-signed certificate.
Select a Cloudflare plan
See this article to learn more about how to set up a Cloudflare plan for your domain.
It is currently not possible to add Cloudflare to a dreamhosters.com subdomain.
Configure an SSL option in the Cloudflare panel
Log in to your Cloudflare account and change the SSL encryption mode. See this page for details on the difference between these modes.
The only option you should use is 'Full SSL (Strict)'. Any other option is not fully secure.
Flexible SSL — (only if you do not have an SSL certificate)
-
This is the default setting for your domain when you add a FREE Cloudflare plan to your domain without an SSL certificate. The connection between the user and Cloudflare is secure, but the connection between DreamHost and Cloudflare is not encrypted. For this reason, this option is NOT recommended if you have any sensitive information on your website.
View Cloudflare's blog post about this Universal SSL option.
DO NOT use this option if you have added an SSL certificate to your domain. This should only be considered as a 'last-resort' option.
When enabling this option, your site may display an infinite redirect loop error. Check your .htaccess file to make sure it does not contain any .htaccess redirects. Your site must only resolve to the HTTP version for this option to work.
Full SSL — (only for self-signed certificates)
-
This option should ONLY be enabled if your site is using a self-signed certificate. Be aware of the following:
- The connection between the user and Cloudflare is secure
- The connection between Cloudflare and DreamHost is secure
- The connection between Cloudflare and DreamHost is not authenticated.
Your visitors will see HTTPS and a secure padlock in their browser, but Cloudflare does not verify the authenticity of the certificate you installed.
Full SSL (Strict) — (for valid SSL certificates)
-
This is the only option you should use with a free Let's Encrypt or paid professionally-signed certificate.
This option secures the connection between the user and Cloudflare and from Cloudflare to DreamHost.