Web Hosting Knowledge Base Web Hosting Knowledge Base
  • Home
Get Started
Web Hosting Knowledge Base Web Hosting Knowledge Base
Get Started
Web Hosting Knowledge Base Web Hosting Knowledge Base
  • Home
loading
  1. Home
  2. Add on Services
  3. Setting up Let's Encrypt and Cloudflare Universal SSL for end-to-end encryption
Updated on June 21, 2024

Add on Services

  • Folder icon closed Folder open iconHow to back up your data using Dropmysite
  • Folder icon closed Folder open iconHow to monitor blacklisted sites using Dropmysite
  • Folder icon closed Folder open iconHow to maximize Dropmysite backup storage space
  • Folder icon closed Folder open iconHow to restore your data using Dropmysite
  • Folder icon closed Folder open iconWhat is the Cloudflare CDN?
  • Folder icon closed Folder open iconHow to activate Cloudflare
  • Folder icon closed Folder open iconUsing SSL with Cloudflare
  • Folder icon closed Folder open iconTroubleshooting Cloudflare connections
  • Folder icon closed Folder open iconHow to use Cloudflare to defend against DDoS attacks
  • Folder icon closed Folder open iconSetting up Let's Encrypt and Cloudflare Universal SSL for end-to-end encryption
  • Folder icon closed Folder open iconHow to turn off Cloudflare temporarily for maintenance or development
  • Folder icon closed Folder open iconSetting up cPanel SSL and Cloudflare Universal SSL for end-to-end encryption
  • Folder icon closed Folder open iconHow to troubleshoot SSL certificate renewals for Cloudflare-enabled domains
  • Folder icon closed Folder open iconHow to clear the Cloudflare cache
  • Folder icon closed Folder open iconDiscontinuation of Cloudflare CDN cPanel and Plesk plugins
  • Folder icon closed Folder open iconHow to configure DNS records for email in Cloudflare
  • Folder icon closed Folder open iconRefer-a-friend program
  • Folder icon closed Folder open iconAffiliate program information
  • Folder icon closed Folder open iconHow to use the QUIC.cloud CDN with WordPress
  • Folder icon closed Folder open iconUsing Cloudflare
  • Folder icon closed Folder open iconSecure Sockets Layer (SSL) certificates information
  • Folder icon closed Folder open iconWHMCS hosting information
  • Folder icon closed Folder open iconHow to become a domain and SSL reseller with eNom
  • Folder icon closed Folder open iconHow to activate an SSL certificate as an eNom reseller
  • Folder icon closed Folder open iconHostvento Hosting promotions
  • Folder icon closed Folder open iconHow to order a cPanel license
  • Folder icon closed Folder open iconHow to configure OpenSRS access for WHMCS
  • Folder icon closed Folder open iconHow to sign up for a MailChimp account
  • Folder icon closed Folder open iconDropmysite cPanel plugin
  • Folder icon closed Folder open iconHow to order a WHMCS license
  • Folder icon closed Folder open iconHow to order a Blesta license
  • Folder icon closed Folder open iconHow to reset the administrator password in WHMCS
  • Folder icon closed Folder open iconHow to remove a banned IP address in WHMCS
  • Folder icon closed Folder open iconQUIC.cloud

Setting up Let's Encrypt and Cloudflare Universal SSL for end-to-end encryption

Estimated reading: 5 minutes 148 views

Cloudflare offers SSL for all sites, but Cloudflare SSL only encrypts the connection from the visitor to Cloudflare. This article shows how to provide full, end-to-end encryption for the entire connection from the visitor to the server.

For information about how to activate Cloudflare for your account, please see this article. For detailed information about how to configure Cloudflare settings, please see the Cloudflare documentation.Table of Contents

  • Step 1: Set up the domain
  • Step 2: Verify the Let’s Encrypt certificate has been issued
  • Step 3: Configure Cloudflare
  • Step 4: Update nameservers and verify
  • More Information

Step 1: Set up the domain

In order to complete the setup process correctly, Let’s Encrypt requires the domain to resolve to the server IP address. If the domain does not resolve to the server IP address, update the domain name servers to the designated Hostvento Hosting nameservers for your account. For more information about setting name servers, please see this article.

Please note that Hostvento Hosting, in order to provide consistent and reliable user experience, is switching from Let’s Encrypt to cPanel SSL for all newly provisioned accounts. Existing accounts will also make the change to cPanel SSL certificates in the near future. The certificates are equivalent in terms of trust level, validity, and how they are used. You should see no impact on your site, and the only difference is that the padlock in your browser will say “cPanel Inc” instead of “Let’s Encrypt.”

Step 2: Verify the Let’s Encrypt certificate has been issued

To verify the Let’s Encrypt certificate has been issued for the domain, follow these steps:

  1. Log in to cPanel.If you do not know how to log in to your cPanel account, please see this article.
  2. Open the SSL/TLS Status tool:
    • If you are using the Jupiter theme, on the Tools page, in the Security section, click SSL/TLS Status:cPanel - Security - SSL/TLS Status icon
    • If you are using the Paper Lantern theme, in the SECURITY section of the cPanel home page, click SSL/TLS Status:
      cPanel - Security - SSL/TLS Status icon
  3. On the SSL/TLS Status page, locate the domain in the Domain column.
  4. To the right of the domain is a green lock symbol with the label AutoSSL Domain Validated. If the lock symbol is not green or does not appear, the certificate is not installed.
    Symbol for AutoSSL Domain ValidatedAlternatively, you can use an external validation tool like https://www.sslshopper.com/ssl-checker.html to check the SSL certificate.

Step 3: Configure Cloudflare

To sign up and configure Cloudflare for your domain, follow these steps:

  1. Go to https://www.cloudflare.com, and then click Sign Up. A new page appears:Cloudflare create account dialog
    • In the Email text box, type an e-mail address.In the Password text box, type a password.Click Create Account to continue.
    If you already have a Cloudflare account, you do not need to follow this step. Log in to Cloudflare with your existing account instead.
  2. The Welcome to Cloudflare page appears. At the top of the page, click Add site.
  3. On the next page, in the Enter your site text box, type your domain name, and then click Add site:
  4. On the next page, select a plan, and then click Continue. Cloudflare scans the domain’s DNS records.
    If you are unsure which plan to use, start with the Free plan.
  5. DNS analysis results appear on the next page. Review the information and correct any errors. When you are done, click Continue.
  6. The next page displays the nameservers to use for your domain. Make a note of the nameservers, and then click Done, check nameservers.
  7. The Overview page appears. Click the SSL/TLS icon, and then click the Full or Full (strict) radio button on the SSL/TLS page:
    • Full (strict) mode requires that the domain have a valid certificate issued by a recognized certificate authority (CA), such as Sectigo.
    • If you use Full (strict) mode, you may need to temporarily disable it (for example, by enabling Full mode) when renewing a Sectigo SSL certificate. Doing this ensures that the domain verification procedure runs correctly.

Step 4: Update nameservers and verify

To update the nameservers and verify the configuration, follow these steps:

  1. Use the control panel at the domain’s registrar to change the nameservers to those provided by Cloudflare.
  2. After 24 hours, verify the changes. The domain should resolve to Cloudflare IP addresses and the SSL certificate should be the Cloudflare Universal SSL certificate (sni.cloudflaressl.com).

More Information

Using Let’s Encrypt with Cloudflare SSL is a great way to add security to a site quickly and at no cost. However, it may be more convenient to use a traditional CA-issued certificate. For a more complete discussion of the differences between Let’s Encrypt and other SSL certificates, please see this article.

Still stuck? How can we help?

How can we help?

Was this page helpful? Yes No

Share this Doc

Setting up Let's Encrypt and Cloudflare Universal SSL for end-to-end encryption

Or copy link

Clipboard Icon
CONTENTS
  • Step 1: Set up the domain
  • Step 2: Verify the Let’s Encrypt certificate has been issued
  • Step 3: Configure Cloudflare
  • Step 4: Update nameservers and verify
  • More Information
Leaf Illustration

© 2023 All Rights Reserved by Hostvento