How do I get an SSL certificate installed?
Last Updated -
The use of SSL certificates are allowed on business plans or higher.
You'll need to open a support ticket requesting us to generate a CSR (Certificate Signing Request).
We need the following to generate a CSR for you:
1. Exact Domain (www. or non www.):
2. Organization Name:
3. Organization Department (Optional):
4. City, State/Province and Country:
Once we have the information needed, we'll provide the CSR to have your preferred third-party certificate provider create the SSL certificate. Just send us the SSL certificate files (usually in ZIP format) and we'll get it installed.
When prompted for web server type from your certificate provider, please choose Apache + ModSSL
If additional host names are desired within your SSL certificate, consult your SSL provider about Multi-Domain, or SAN certificates. They will need to be applied by your provider.
NOTE: If you already have a existing certificate active somewhere else, we'll just need the certificate files and associated private key. If you do not have access to the private key, then we'll need to generate a new CSR for you so you can have the active certificate re-keyed/re-issued with the updated CSR.
You'll probably want to use a HTTPS CDN URL too.
You also may want to check out this article on the use of SNI on your site: Dedicated IP addresses and SNI
Let's Encrypt Certificates
We can support the use of Let's Encrypt certificates right now but that needs to be manually generated on your end. If you want to go that route, we'll just need the key and associated certificate(s) files and you'll need to provide the updated files once the current certificate expires in 90 days.
We have fully automated support for Let's Encrypt certificates on our road map but do not have a firm ETA as to when that will be available. In the meantime, we ask that you keep the LE certificates to a minimum until we have the proper setup to support it correctly.
CloudFlare Origin Certificates
The use of CloudFlare Origin Certificates on the server is not a setup we recommend since the use of such certificates are entirely dependent on CloudFlare's services. Per their documentation:
Cloudflare Origin CA Certificate is only trusted by Cloudflare and therefore should only be used by origin servers that are actively connected to Cloudflare. If at any point you pause or disable Cloudflare, your Origin CA certificate will throw an untrusted certificate error.
We recommend using a commercial SSL certificate. We can install CloudFlare Origin certificates with the understanding you (or your team) would have to manage the CloudFlare services accordingly.