Let’s Encrypt is a free and open-source certificate authority that offers SSL certificates to websites. When there’s a mismatch between Let’s Encrypt and Cloudflare, you’re likely to run into connection issues. In this article, learn how to best use Let’s Encrypt with Cloudflare.
To begin using Let’s Encrypt SSL certs, you must have it installed on the server.
SSL Mode in Cloudflare Account
If you haven’t already, sign up for a Cloudflare account. Cloudflare is a Content Delivery Network that delivers your website or app content to internet users located anywhere on the globe. Then, generate a Let’s Encrypt x3 cert on the server.
If you select the incorrect SSL mode in Cloudflare, you’re likely to see an invalid SSL cert, and the site will not load either.
Thus, you need to ensure the correct SSL mode is set in Cloudflare. There are multiple modes to choose from, including:
- Off
- Flexible SSL
- Full SSL
- Full SSL (Strict)

To set the SSL mode:
- First, select the domain you want to use the SSL certificate for.
- Then navigate to the Crypto section from the top menu in Cloudflare.
- Find SSL, and select the mode you want.
- Scroll all the way down until you see Always use HTTPS. Set it ON.
After you’ve selected the appropriate SSL mode, enable HSTS (HTTP Strict Transport Security) before proceeding further. Check the “I understand” section and click on “Next”.
You’ll be presented with a popup box where you set values as per the following:
- Max-age: 3 months
- Apply HSTS policy to subdomains: Off
- Preload: Off
- Set Minimum TLS Version to TLS 1.2
- Set Opportunistic Encryption to ON
- Set TLS 1.3 to Enabled
- Set Automatic HTTPS Rewrites to ON
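
One way to confirm the settings took effect, as an added example that is not part of the original article: the Python below checks response headers against the HSTS values listed above and checks that plain HTTP is redirected by Always use HTTPS. It assumes "3 months" means 90 days (7,776,000 seconds); the function names and sample headers are constructed for illustration.

```python
EXPECTED_MAX_AGE = 90 * 24 * 3600  # assumption: "3 months" taken as 90 days


def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797 directive syntax)."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name, arg = name.strip().lower(), arg.strip().strip('"')
        if name == "max-age" and arg.isdigit():
            policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy


def audit_https(headers):
    """Compare an HTTPS response's HSTS header with the values listed above."""
    lowered = {k.lower(): v for k, v in headers.items()}
    raw = lowered.get("strict-transport-security")
    if raw is None:
        return ["HSTS header missing"]
    policy, findings = parse_hsts(raw), []
    if policy["max_age"] is None:
        findings.append("max-age missing or not a number; browsers ignore the header")
    elif policy["max_age"] == 0:
        findings.append("max-age=0 tells browsers to forget the HSTS policy")
    elif policy["max_age"] != EXPECTED_MAX_AGE:
        findings.append(f"max-age is {policy['max_age']}, expected {EXPECTED_MAX_AGE}")
    if policy["include_subdomains"]:
        findings.append("includeSubDomains is set, but the subdomain option is Off")
    if policy["preload"]:
        findings.append("preload is set, but Preload is Off")
    return findings


def audit_http_redirect(status, headers):
    """Always use HTTPS should answer plain HTTP with a redirect to https://."""
    location = {k.lower(): v for k, v in headers.items()}.get("location", "")
    if status in (301, 302, 307, 308) and location.lower().startswith("https://"):
        return []
    return [f"plain HTTP returned {status} without an https:// redirect"]

# Constructed sample responses (not captured from a real site).
GOOD = {"Strict-Transport-Security": "max-age=7776000"}
DRIFTED = {"strict-transport-security": "max-age=31536000; includeSubDomains; preload"}
print(audit_https(GOOD), audit_https(DRIFTED))
```

Feed it the headers from a real request to your own domain (for example, the output of `curl -sI`) to check the live configuration.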
That’s the right way to use Let’s Encrypt with Cloudflare. These setting changes will prevent downtime as much as possible. After implementation, the data will be transferred using HTTPS via Let’s Encrypt.
For further information, contact your hosting provider.