SSL Encryption for website using cloudflare
In a earlier write, explained how to host a Raspberry Pi web server on the internet. this write will see how to secure your web site with SSL encryption.
https://saravanastar.medium.com/host-a-raspberry-pi-web-server-on-the-internet-89786287db77
Steps
After researching over the internet, found that cloudflare providing free https certificate. Find the following steps create SSL certificate and managing site using cloudflare
- Register site in cloudflare
- Change the name server for the DNS name
- Generate certificate and private key
- Add the configuration in web-server
- Restart the server and access your site with https
Register site in cloudflare
Like shown below image add dns name
Name Server Change
Get the name server details from cloudflare and change name server in DNS provider. I have used the freenom site and added screenshot below
Generate certificate and Private key
Generate the certificate and private key from cloudflare and that target webserver. Research on google for different cloudflare SSL encryption level. I choose full (Strict)
Next, click on the origin server and create PEM and private key file and store those in server.
Configuration in WebServer
Like mentioned in the above article need configure the VirtualHost for port 443 and turn on SSLEngine. Find the configuration {dnsName}.conf in your webserver path /etc/apache2/sites-enabled and update that by below configs
<VirtualHost {dnsName}:443>
DocumentRoot /var/www/html
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/CloudFlareCA.crt
</VirtualHost>
After the config change, just restart the apache2 and you can access the your website using https
sudo a2enmod ssl
sudo service apache2 restart
Cloudflare origin CA certificate in below reference link
Reference: