In this tutorial, we will demonstrate how to install a Cloudflare SSL certificate on a GoDaddy Linux Hosting plan with cPanel.
Why install an SSL Certificate from Cloudflare?
Cloudflare is one of the world’s largest networks and is an internet security company that is on a mission to build a better, secure and faster internet.
Installing an SSL certificate on your website can improve page load times, enhance security, and can even increase your website’s ranking in Search Engines.
Step 1: Add your Website to Cloudflare
Head over to Cloudflare.com sign-up, and create an account for your domain.
Next, add your website site domain, as shown below, and select an appropriate Cloudflare plan.
After you have added your website domain on Cloudflare, you will be prompted to automatically import your existing DNS records from your current domain registrar/web hosting company, as illustrated below.
Do a quick check of your DNS records and press continue to proceed.
Replace existing nameservers with Cloudflare nameservers
To avail the benefits of the Cloudflare SSL certificate, you will also have to update the nameservers at your domain registrar to resolve your domain’s DNS with Cloudflare’s nameservers.
In simpler terms, you will have to login to your GoDaddy account and replace GoDaddy nameservers with Cloudflare nameservers, which are displayed during the Cloudflare onboarding process, as shown here.
Once in your GoDaddy account, navigate over to the domain that you wish to modify and click “Manage DNS”:
Then Scroll down to the Nameservers settings and click change.
Click on “Enter my own nameservers (advanced)”:
Now enter the nameservers that you have copied from your Cloudflare account:
Save the changes and press “Continue” to give consent to update the Nameservers for the domain you have selected.
Step 2: Enable Flexible SSL
At this stage, we recommend enabling Cloudflare’s Flexible SSL, which will start to encrypt traffic between users’ internet browsers and Cloudflare.
To do so, simply head over to the SSL/TLS settings in Cloudflare and make sure that your SSL/TLS encryption mode is “Flexible”:
Additionally, we recommend enabling “Always Use HTTPS” feature in the Edge Certificates tab, so that all HTTP requests to your website will be redirected to the more secure HTTPS protocol.
Step 3: Get Cloudflare Origin Certificate
Next, you will have to create a free TLS certificate signed by Cloudflare to install on your GoDaddy web hosting server.
To do this, go to the “Origin Server” tab under SSL/TLS settings and click on “Create Certificate”
To generate a certificate for your origin server, you will first have to create a private key and a Certificate Signing Request (CSR).
Select “Let Cloudflare generate a private key and a CSR” and set the “Private key type” to “RSA”, as illustrated here:
You should then list all the hostnames, including any wildcards if applicable, that you want the SSL certificate to protect.
We recommend adding “example.com” and “*.example.com” at least if you want to secure all the subdomains in addition to the primary domain.
Adding “*.example.com” will also secure “www.example.com” and all other subdomains.
Just remember to replace “example.com” with your own domain!
Choose how long you want the certificate to be valid for and proceed to the next step.
On the next window, your private key and the certificate will be displayed. Make sure that the “Key format” is set to “PEM (Default)” as shown in the screenshot below:
Note: the Certificate file starts with “—–BEGIN CERTIFICATE—–” while the SSL Certificate Key File starts with “—–BEGIN PRIVATE KEY—–”
We recommend that you save the Certificate and the Key into two separate text documents and keep them somewhere safe.
Do not close the Cloudflare window yet as we will be using the Certificate and the Key soon.
Step 4: Install SSL Certificate on the Website
Next, login into your GoDaddy account and click on “Manage” next to your web hosting plan.
Click on “cPanel Admin” from the top right, as shown below.
Once in cPanel admin area, type in “ssl” into the search bar and click on “SSL/TLS” settings, as demonstrated here:
Now click on “Manage SSL sites”.
Scroll down to the “Install an SSL website section” and select the domain which you want to install the SSL on from the dropdown menu, as demonstrated below:
Now copy the Origin Certificate from Cloudflare and paste it in the “Certificate: (CRT)” field, as shown in the image above.
Similarly, copy the Private Key from Cloudflare and paste it in the “Private Key (KEY)” field.
Scroll down and select “Install Certificate”. This should successfully install the SSL certificate on your website
However, if the SSL installation fails, you may need to add the Certificate Authority Bundle (CABUNDLE). You can get this from: Cloudflare Origin CA – RSA Root.
For your convenience, we are posting it here as well:
Just copy the certificate from above and paste it into the Certificate Authority Bundle (CABUNDLE) field as shown and press “Install Certificate”:
Upon successful installation of the SSL certificate, you will see a message confirming that the Cloudflare SSL certificate has been successfully installed on your GoDaddy website.
Step 5: Enable Full (Strict) SSL in Cloudflare
Now that the Origin Certificate has been installed on the server, we recommend that you enable Full (strict) SSL encryption to ensure end-to-end encryption on your website.
To do this, go to SSL/TLS settings in Cloudflare and select “Full (strict)” encryption mode in the “Overview” tab.
If you have correctly followed the steps above, data sent over your website server is now fully secured with the HTTPS protocol.
If you are having any troubles installing your SSL certificate, we would be more than happy to help. Simply use the contact us button below to reach us.