This topic explains how to set up an SSL-enabled custom domain using CloudFlare, a content distribution network. We recommend using CloudFlare if you want to use SSL with a custom domain.
What is CloudFlare?
CloudFlare is a caching and security-as-a-service provider that protects and accelerates online websites. Web traffic is routed through CloudFlare’s global network. This accelerates delivery of static and dynamic content, while blocking threats and limiting abusive bots and crawlers from wasting your bandwidth and server resources.
CloudFlare’s SSL termination proxy decrypts incoming SSL traffic and can pass on unencrypted or fully encrypted requests to the app server. Adding your website requires changes to your domain’s DNS settings. SSL termination is available with any of the CloudFlare plans, including the Free plan.
Before setting up your custom domains to be SSL-Enabled using CloudFlare, you must do the following:
Your domain must be registered with a DNS registrar. To complete this procedure, you must have access to the DNS registrar for the domain.
Note: You do not need to change DNS registrars. The only change you make with your registrar is to point the authoritative nameservers to CloudFlare’s nameservers.
You must have a CloudFlare account. If you do not have one, you can sign up for one at https://www.cloudflare.com/plans.
Please follow the steps below:
Add Domain to CloudFlare
On the Add your site page, enter the name of your custom domain and click Add Site. CloudFlare queries authoritative DNS servers for the DNS record registered for the domain.
- After you add your site, the following page is shown:
- Select a plan for your domain:
- Choose Free or Pro to have CloudFlare generate an SSL certificate for communications between browsers and the CloudFlare proxy.
Configure DNS Records
The DNS query results page lists the records obtained from the authoritative DNS servers for your domain.
Verify that in the row containing your domain name the cloud icon in the Status column is orange:
Use the Add Record button to define additional records such as
CNAME and A records.
- Enter 'www' as Host and "YOUR CUSTOM DOMAIN" as Value. If your website is hosted on the custom domain and you want to use a subdomain, enter the subdomain name as Host instead of www.
- Create an 'A' record using "YOUR CUSTOM DOMAIN" as Host and "22.214.171.124" as value. Save and delete other records CNAME and A records.
The Change your Nameservers page lists your current nameservers and the CloudFlare nameservers to replace them with.
Use the provided URLs to update the nameserver settings for your domain with the authoritative server for your domain, such as your ISP.
Verify Crypto Settings
Select the Crypto tab from the top navigation bar:
- Verify that Full SSL is selected as your SSL setting:
- Scroll down and verify that Always Use HTTPS is set to On:
Change Registrar DNS settings
1. Replace the Nameservers in your registrar dashboard with Cloudflare's Name servers as instructed when done with the above.