Cloudflare Wildcard SSL certificates are required to establish an encrypted HTTPS connection for a single domain and all of its subdomains. Bobcares, as part of our Server Management Service offers solutions to every query that comes our way.

Cloudflare Wildcard SSL | Setup Guide

SSL, or Secure Sockets Layer, is an Internet security technology that uses encryption. SSL is only available to websites that have an SSL certificate. One such certificate is a wildcard SSL certificate.

Wildcard SSL certificates are valid for a single domain and all of its subdomains. A domain contains a number of subdomains. The SSL certificate will include any subdomains. Users can view a list of subdomains protected by a certain certificate by clicking on the padlock in their browser’s URL bar, then on “Certificate” (in Chrome) to read the certificate’s details.

How To Setup The Cloudflare Wildcard SSL?

Pre-requisites

• A Cloudflare account that already has a website and a domain pointed to the Cloudflare nameservers.
• An Ubuntu Linux server with NGINX installed and configured.

To Setup The Cloudflare Wildcard SSL, our Support team suggest to carry out the following steps:

1. Firstly, launch the web browser and log in to the Cloudflare dashboard.
2. Now locate the site from the account domain list.
3. Then click on SSL/TLS tab.
4. Navigate to the Origin Server and click the Create Certificate button. The default options are already set to generate a wildcard certificate for the domain with 15 years of validity. Keep the default options.
5. Click on the Create button at the lower-right corner of the page to generate the certificate.
6. Save the private and public keys first with the GNU nano text editor before adding the newly created certificate to the Linux system. We must save the key files one at a time because there are two keys to save.

   Open a terminal, then run the first command below to create and open the public key file (nginx-test.adamlistek.me.crt) in nano. Return to Cloudflare and copy the Origin Certificate Public key by selecting the Copy option. Then, using Ctrl+U, paste the public key copied into the public key file opened in nano. Save the changes (Ctrl+O) and leave nano (Ctrl+X).

   Also, repeat the procedure to create private key file (nginx-test.adamlistek.me.key).

   # The public key, under the Origin Certificiate section
    nano /etc/ssl/certs/nginx-test.adamlistek.me.crt
   # The private key, under the section of the same name
    nano /etc/ssl/private/nginx-test.adamlistek.me.key
7. Now point NGINX to the location of the certificates by modifying the test.adamlistek.me.conf configuration file with the below lines, modified to support the domain.

    ssl_certificate /etc/ssl/certs/nginx-test.adamlistek.me.crt;
    ssl_certificate_key /etc/ssl/private/nginx-test.adamlistek.me.key;
8. Restart NGINX with the following command to apply the new certificates.

   service nginx restart
9. Finally, update the SSL/TLS encryption mode by clicking on Full (strict) by going back to the SSL/TLS tab in Cloudflare.

[Looking for a solution to another query? We are just a click away.]

Conclusion

Our Support team went over the setup details of Cloudflare Wildcard SSL, including public key and private key generation process.