Igor Kromin |   Consultant. Coder. Blogger. Tinkerer. Gamer.

I've been using CloudFlare on my various web sites for a number of years now and the reason for using this service has just become even more compelling. Recently Google introduced HTTPS as a rank for website indexing which means if you don't have a HTTPS web site, you will be down-ranked in search results. For HTTPS you of course need an SSL certificate.

So why am I talking about CloudFlare? CloudFlare is a distributed caching network that can speed up your web site with very little setup required, just change your DNS servers and you're done. They also offer SSL to all their customers, including the ones on the free plan.

Getting this set up is easy. After singing up and setting up your web site to work via CloudFlare, go to the 'Crypto' tab and enable SSL. The easiest option is to use 'Flexible' which means you don't actually need an SSL certificate on your web server but your site will still be secured using CloudFlare's certificate.

Here's what my travelblog.ws certificate looks like after doing this set up.
cfcert3.png


I wouldn't recommend using the 'Flexible' option but going for the 'Full (strict)' option. This requires you to install a certificate on your web server. That means traffic between your server and CloudFlare is encrypted. Luckily CloudFlare can generate a certificate for you for free!



In the 'Crypto' tab scroll down to 'Origin Certificates' and click 'Create Certificate' then follow all the prompts and finally save your certificate and private key. You need to use Firefox for this step as other browsers weren't compatible. I created an RSA certificate and let CloudFlare fill in my domains for me I also left the expiration at the default value of 15 years.
cfcert1.png

cfcert2.png


When you're done, save your certificate and private key and install them on your server. I won't go into details on how to install this into your particular server as that can vary, besides it is covered in detail here. In my case I also had to download the CloudFlare CA Certificate to be able to install the origin certificate in my server (sometimes this is referred to as the CABUNDLE). There's more detail on these here.

When my server had the generated origin certificate installed, I went back to CloudFlare and enabled 'Full (strict)' mode.
cfcert4.png


That's all there is to it! You get a free secured site while having its loading times boosted. You can't ask for more, especially if it's free!

-i

A quick disclaimer...

Although I put in a great effort into researching all the topics I cover, mistakes can happen. Use of any information from my blog posts should be at own risk and I do not hold any liability towards any information misuse or damages caused by following any of my posts.

All content and opinions expressed on this Blog are my own and do not represent the opinions of my employer (Oracle). Use of any information contained in this blog post/article is subject to this disclaimer.
Hi! You can search my blog here ⤵
NOTE: (2022) This Blog is no longer maintained and I will not be answering any emails or comments.

I am now focusing on Atari Gamer.