Setting up your cPanel website with Cloudflare SSL

and published
install cloudflare ssl in cpanel

In this tutorial, we will cover the necessary steps to establishing a secure connection between Cloudflare and your cPanel hosting account. This guide does not cover how to enforce SSL with Cloudflare, updating your WordPress Site Address URL or fixing mixed content issues.

How to create a Cloudflare SSL Certificate for cPanel

  1. Login to Cloudflare
  2. Select your site using the dropdown menu found in the upper left corner
  3. Click the Crypto icon at the top of the screen
  4. Scroll down a little until you get to the Origin Certificates
  5. Click Create Certificate
  6. The options here you want are:
    1. Let Cloudflare generate a private key and a CSR
    2. Private key type: RSA
    3. Hostnames should be:
      • *
    4. Certificate Validity: 15 years or shorter if you like
    5. Click next
  7. Cloudflare should have now generated your private key and server-side SSL certificate (Origin Certificate) Ensure the key format is set to PEM (Default)
    1. Copy the Origin Certificate to notepad, you will need this in a moment
    2. Copy the private key to notepad, you will need this in just a moment
    3. Web Server for installation should be set Apache httpd
  8. Now proceed to the next panel to install what you just created by Cloudflare in cPanel

How to install your Cloudflare SSL Certificate in cPanel

Please note that these cPanel directions are made using the ‘basic’ theme style and not the ‘retro’, switching the style will allow you to follow these steps easier.

  1. Login to cPanel
  2. Scroll down to the security section and click SSL/TLS
  3. Private Keys (KEY)
    1. Click the hyperlink: Generate, view, upload, or delete your private keys
    2. Scroll down and past Generate a New Private Key until you reach Upload a New Private Key
    3. Refer to your notepad document that you made earlier, copy the private key and paste it underneath “Paste the key into the following text box”
    4. Adding a description below can help you identify this SSL install later on
    5. Click Save
    6. Scroll to the bottom of the page and click Return to the SSL manager
  4. Certificates (CRT)
    1. Click the hyperlink: Generate, view, upload, or delete SSL certificates
    2. Scroll down to Upload a New Certificate and once again refer to your notepad document and this time copy and paste the Origin Certificate into the box below “Paste the certificate into the following text box”
    3. Add a description if you like to help identify this install, esepically if you know that you have previous used other SSL certs in the past
    4. Click Save Certificate
    5. Scroll to the bottom of the page and click Return to the SSL manager
  5. Install and Manage SSL for your site (HTTPS)
    1. Click the hyperlink Manage SSL sites
    2. Scroll down until you find “Install an SSL Website”
    3. Click Browse Certificates and radio check the one that you uploaded a few moments ago and then click use Certificate
    4. You may get a warning “The certificate does not match your selected domain.” But don’t worry, the next step will resolve this issue
    5. In the dropdown select list, choose your domain which will look something like (, the error warning message in the previous step should now disappear
    6. You should now notice that the box underneath Certificate Authority Bundle: (CABUNDLE) is blank, for this you need to add the Cloudflare Origin CA – RSA Root Certificate. You can find the CA Bundle below.
      -----BEGIN CERTIFICATE-----
      -----END CERTIFICATE-----

    7. Make sure the checkbox Enable SNI for Mail Services is checked, this option is important for sites that use contact forms or other web design assets that use the sendmail feature.
    8. Finally click install and congratulations, you have now installed you Cloudflare SSL TLS cert to cPanel and the connection between your hosting package and Cloudare is now encrypted.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

14 Responses to “Setting up your cPanel website with Cloudflare SSL”

  1. Abdulwahab Suleiman

    Hi, thanks very much for this article.

    I came across your post last week and implemented the above steps on my blog but after two days of applying my flexible SSL certificate was still pending. I contacted their support and they explained the delay wasn’t from their own end. I later came across another article on Let’s Encrypt free SSL. I implemented the steps and it was like magic. Check my blog Hi, thanks very much for this article.

    The let’s encrypt SSL is active though will have to renew it every 3months.

    Thanks again for the great piece.

    • I’d rather use Cloudflares personally, because it doesn’t expire for many years! and is just as secure. If you had problems then its like a temporary issue with Cloudflare or your server, because millions of sites use Cloudflare SSL without issues as you have described.

  2. Thanks for sharing, now I can also secure my websites.

  3. Hi there.

    Today, I decided to try Cloudflare SSL for one of my websites. I was a bit confused as I haven’t done this before. Then I found your tutorial and I did it within 10 min and everything works like a charm. Great step-by-step explanation! Very useful and just wanted to say thanks. Thumbs Up!



  4. Thanks for explaining the whole process in easiest way possible. But, it didn’t worked for me. after implementing the whole process, when I tried to install WordPress from cPanel and selected the “https” option. It gives me an error: A trusted SSL Certificate was not found, I tried to use this on my installed WordPress. It’s giving me error in chrome. 🙁

    • Sounds like you already have a certification installed (a self cert), in cPanel and within manage SSL can you see two installs? if so, click primary on the Cloudflare one. If you don’t see two… then its possibly because you haven’t waited long enough for the changes to place. When adding SSL, it can take between 10-30mins for the settings to take place. Also ensure that you have ‘FULL STRICT’ in the Crypto TAB on Cloudflare.

      • Thanks Simon,
        I just checked, Cloudflare also mentioned that “SSL certificate issuance may take up to 24 hours.”
        do you think this is the main reason? I checked right after installing the certificate? I’ve done selecting the certificate from Manage.

  5. I found this blog and followed the above steps but after everything what happens is my site redirects to /cgi/default what could be causing this issue when the ssl is showing up?

    • Hi Peter, redirects are generally associated with the content management system, htaccess, virtual host or DNS, so its likely one of those that is affecting the install and not the SSL cert.

      I have taken a look at the domain question and I can see that the SSL is installed correctly (see image below) and not redirecting, so I assume that you corrected the issue.

      SSL Cloudflare test results

      However I did notice that your SSL is being blocked by mixed content, which appears to be various logos and payment icons. You should ensure that every resource is loaded over HTTPS otherwise some browsers will warn your visitors or customers that the page is unsecure, or worse unsafe.

  6. I’m getting a 502 error after following these instructions. My website works well with http, but gets the bad gateway error when I use https. That said, I have the full (strict) mode on in CloudFlare.

    • Hi Pratik,

      502 is generally caused by your website host configuration. The first thing I would check is your htaccess file, make sure you have no redirects in there which could be causing the issue, then move on to checking your error.log, if you still can’t find the issue then its either you haven’t waited long enough for Strict SSL to work correctly or you have a different problem and then you would need to contact your web host.

  7. Hi BYBE,
    As per this tutorial I did the same thing but unfortunately can’t access my WordPress back-end. Now I forced to switch from strict SSL to off mode. Please help me how to access my back-end. I did also delete the page rule which had created for the same. Website is working but loading speed is too high.

    If I’m successful to access the back-end then I can install the plug-in really simple SSL to fix the rest of the issue. Please help me how to fix this issue.

    • Note to you, and other webmasters, you need to update the site address within WordPress or directly to the SQL using phpMyAdmin or via command-line.