SSL Encryption for website using cloudflare

cloudflare SSL

In a earlier write, explained how to host a Raspberry Pi web server on the internet. this write will see how to secure your web site with SSL encryption.


After researching over the internet, found that cloudflare providing free https certificate. Find the following steps create SSL certificate and managing site using cloudflare

  1. Register site in cloudflare
  2. Change the name server for the DNS name
  3. Generate certificate and private key
  4. Add the configuration in web-server
  5. Restart the server and access your site with https

Register site in cloudflare

Like shown below image add dns name

Register your site

Name Server Change

Get the name server details from cloudflare and change name server in DNS provider. I have used the freenom site and added screenshot below

cloudflare nameservers
Freenom dns provider

Generate certificate and Private key

Generate the certificate and private key from cloudflare and that target webserver. Research on google for different cloudflare SSL encryption level. I choose full (Strict)


Next, click on the origin server and create PEM and private key file and store those in server.

Configuration in WebServer

Like mentioned in the above article need configure the VirtualHost for port 443 and turn on SSLEngine. Find the configuration {dnsName}.conf in your webserver path /etc/apache2/sites-enabled and update that by below configs

<VirtualHost {dnsName}:443>
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/CloudFlareCA.crt

After the config change, just restart the apache2 and you can access the your website using https

sudo a2enmod ssl

sudo service apache2 restart

Cloudflare origin CA certificate in below reference link


Software Enginner

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store