Setting up your cPanel website with Cloudflare SSL

and published
install cloudflare ssl in cpanel

In this tutorial, we will cover the necessary steps to establishing a secure connection between Cloudflare and your cPanel hosting account. This guide does not cover how to enforce SSL with Cloudflare, updating your WordPress Site Address URL or fixing mixed content issues.

How to create a Cloudflare SSL Certificate for cPanel

  1. Login to Cloudflare
  2. Select your site using the dropdown menu found in the upper left corner
  3. Click the Crypto icon at the top of the screen
  4. Scroll down a little until you get to the Origin Certificates
  5. Click Create Certificate
  6. The options here you want are:
    1. Let Cloudflare generate a private key and a CSR
    2. Private key type: RSA
    3. Hostnames should be:
      • *.example.com
      • example.com
    4. Certificate Validity: 15 years or shorter if you like
    5. Click next
  7. Cloudflare should have now generated your private key and server-side SSL certificate (Origin Certificate) Ensure the key format is set to PEM (Default)
    1. Copy the Origin Certificate to notepad, you will need this in a moment
    2. Copy the private key to notepad, you will need this in just a moment
    3. Web Server for installation should be set Apache httpd
  8. Now proceed to the next panel to install what you just created by Cloudflare in cPanel

How to install your Cloudflare SSL Certificate in cPanel

Please note that these cPanel directions are made using the ‘basic’ theme style and not the ‘retro’, switching the style will allow you to follow these steps easier.

  1. Login to cPanel
  2. Scroll down to the security section and click SSL/TLS
  3. Private Keys (KEY)
    1. Click the hyperlink: Generate, view, upload, or delete your private keys
    2. Scroll down and past Generate a New Private Key until you reach Upload a New Private Key
    3. Refer to your notepad document that you made earlier, copy the private key and paste it underneath “Paste the key into the following text box”
    4. Adding a description below can help you identify this SSL install later on
    5. Click Save
    6. Scroll to the bottom of the page and click Return to the SSL manager
  4. Certificates (CRT)
    1. Click the hyperlink: Generate, view, upload, or delete SSL certificates
    2. Scroll down to Upload a New Certificate and once again refer to your notepad document and this time copy and paste the Origin Certificate into the box below “Paste the certificate into the following text box”
    3. Add a description if you like to help identify this install, esepically if you know that you have previous used other SSL certs in the past
    4. Click Save Certificate
    5. Scroll to the bottom of the page and click Return to the SSL manager
  5. Install and Manage SSL for your site (HTTPS)
    1. Click the hyperlink Manage SSL sites
    2. Scroll down until you find “Install an SSL Website”
    3. Click Browse Certificates and radio check the one that you uploaded a few moments ago and then click use Certificate
    4. You may get a warning “The certificate does not match your selected domain.” But don’t worry, the next step will resolve this issue
    5. In the dropdown select list, choose your domain which will look something like example.com (www.example.com), the error warning message in the previous step should now disappear
    6. You should now notice that the box underneath Certificate Authority Bundle: (CABUNDLE) is blank, for this you need to add the Cloudflare Origin CA — RSA Root Certificate. You can find the CA Bundle below.
      -----BEGIN CERTIFICATE-----
      MIID/DCCAuagAwIBAgIID+rOSdTGfGcwCwYJKoZIhvcNAQELMIGLMQswCQYDVQQG
      EwJVUzEZMBcGA1UEChMQQ2xvdWRGbGFyZSwgSW5jLjE0MDIGA1UECxMrQ2xvdWRG
      bGFyZSBPcmlnaW4gU1NMIENlcnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEBxMN
      U2FuIEZyYW5jaXNjbzETMBEGA1UECBMKQ2FsaWZvcm5pYTAeFw0xNDExMTMyMDM4
      NTBaFw0xOTExMTQwMTQzNTBaMIGLMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xv
      dWRGbGFyZSwgSW5jLjE0MDIGA1UECxMrQ2xvdWRGbGFyZSBPcmlnaW4gU1NMIENl
      cnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEG
      A1UECBMKQ2FsaWZvcm5pYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
      AMBIlWf1KEKR5hbB75OYrAcUXobpD/AxvSYRXr91mbRu+lqE7YbyyRUShQh15lem
      ef+umeEtPZoLFLhcLyczJxOhI+siLGDQm/a/UDkWvAXYa5DZ+pHU5ct5nZ8pGzqJ
      p8G1Hy5RMVYDXZT9F6EaHjMG0OOffH6Ih25TtgfyyrjXycwDH0u6GXt+G/rywcqz
      /9W4Aki3XNQMUHNQAtBLEEIYHMkyTYJxuL2tXO6ID5cCsoWw8meHufTeZW2DyUpl
      yP3AHt4149RQSyWZMJ6AyntL9d8Xhfpxd9rJkh9Kge2iV9rQTFuE1rRT5s7OSJcK
      xUsklgHcGHYMcNfNMilNHb8CAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgAGMBIGA1Ud
      EwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFCToU1ddfDRAh6nrlNu64RZ4/CmkMB8G
      A1UdIwQYMBaAFCToU1ddfDRAh6nrlNu64RZ4/CmkMAsGCSqGSIb3DQEBCwOCAQEA
      cQDBVAoRrhhsGegsSFsv1w8v27zzHKaJNv6ffLGIRvXK8VKKK0gKXh2zQtN9SnaD
      gYNe7Pr4C3I8ooYKRJJWLsmEHdGdnYYmj0OJfGrfQf6MLIc/11bQhLepZTxdhFYh
      QGgDl6gRmb8aDwk7Q92BPvek5nMzaWlP82ixavvYI+okoSY8pwdcVKobx6rWzMWz
      ZEC9M6H3F0dDYE23XcCFIdgNSAmmGyXPBstOe0aAJXwJTxOEPn36VWr0PKIQJy5Y
      4o1wpMpqCOIwWc8J9REV/REzN6Z1LXImdUgXIXOwrz56gKUJzPejtBQyIGj0mveX
      Fu6q54beR89jDc+oABmOgg==
      -----END CERTIFICATE-----

    7. Make sure the checkbox Enable SNI for Mail Services is checked, this option is important for sites that use contact forms or other web design assets that use the sendmail feature.
    8. Finally click install and congratulations, you have now installed you Cloudflare SSL TLS cert to cPanel and the connection between your hosting package and Cloudare is now encrypted.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>