cPanel & WHM

How To Install A Cloudflare Origin SSL Certificate In cPanel

Free SSL Certificates from places like cPanel or Let’s Encrypt are great. When Let’s Encrypt first introduced free SSL Certificates it was revolutionary. Everyone who owned a website saved at least $10 a year by using these free SSL Certificates. Unfortunately, they expire every three months which is annoying. If you use Cloudflare, you can use a free Cloudflare Origin SSL in cPanel which is valid for 15 years. You don’t need to worry about renewals or making sure all of your DNS entries are correct for the renewal on your NVMe VPS Server. Plus, you can take advantage of Cloudflares security to protect your server and website.

Create cPanel Cloudflare Origin SSL Certificate

First, create an origin certificate in Cloudflare. This is a self-signed certificate. In Cloudflare for your domain name click SSL/TLS then, Origin Server. Click Create to create a certificate.

There are some things to note before installing the Cloudflare Origin Certificate on this screen. For cPanel, make sure your key is generated in RSA format. Like your hostnames in the next section. You have double-barrel hostnames like in the example (, these are not covered by the wildcard. You MUST list them like we have. Set the expiry date for 15 years and click Create.

Copy Certificate & Private Key

So, on the next page, you will now see your certificate and private key. Copy each certificate to its own text document on your local device. Download the signed CA from Cloudflare. Now you have three files. The certificate & private key and the signed CA.

Install Cloudflare Origin SSL In cPanel

To install the new certificates we use WHM. Login as root and click “Install an SSL Certificate on a Domain“. On the next page, you will see three boxes. So here we need to paste the files we got from Cloudflare. The certificate goes in the top box, the private key in the middle box and the CA you got in the previous step in the bottom box. Click to install the SSL.

That’s it. Now ensure in Cloudflare on the SSL/TLS screen that your settings are set to either Full or Full Strict. You are now benefiting from all of the security advantages of cPanel and no one can bypass these like when using the Flexible setting.

But remember to check the certificate is installed correctly using an SSL Checker like

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button