CloudFlare with SSL

Selecting a CloudFlare Plan
The first step to setting up SSL on your domain using CloudFlare will be to add a paid CloudFlare plan to the domain. CloudFlare will not set up SSL on your domain unless you have a paid plan.


 * 1) Go to the Manage Domains section of the panel.
 * 2) Click the Add New Domain / Sub Domain button near the top of the page, or click the Edit button in the Web Hosting column next to your domain.
 * 3) Confirm that the Enable CloudFlare checkbox is checked.  Two drop-down lists, CloudFlare Account and CloudFlare Subscription, will appear beneath the checkbox once this option has been selected.
 * 4) Select a paid plan from the CloudFlare Subscription drop-down.
 * 1) If you are adding a new domain, scroll down and click the Fully host this domain button,  otherwise, scroll down and click the Change Settings button.

Flexible SSL
Flexible SSL means that visitors to your site will be able to connect using https, but the connection between DreamHost and CloudFlare will not be encrypted.

Flexible SSL will be the default setting for your domain when you add a paid CloudFlare plan to your domain, and no additional setup steps are required.

Full SSL
Full SSL means that the connection between DreamHost and CloudFlare will be encrypted. Follow these steps to set up Full SSL:

Three Steps are Required to Set Up Full SSL:

 * Complete the steps described in Selecting a CloudFlare Plan above
 * Confirm that Secure Hosting has been set up on your domain
 * Use the CloudFlare dashboard to enable Full SSL on your domain

Confirm that Secure Hosting has been set up on your domain:

 * 1) Go to the Manage Domains section of the panel.
 * 2) Look to see if there is an Add button in the Secure Hosting column beside your domain. If there is no Add button, then you already have Secure Hosting on this domain and you can stop here. 
 * 3) Click the Add button in the Secure Hosting column next to your domain.
 * 4) Fill in all the fields, and click the Add now! button.

Use the CloudFlare dashboard to enable Full SSL on your domain:

 * 1) Log in to your CloudFlare account at https://www.cloudflare.com/login. You are navigated to the My Websites page and your domains appear in a list.


 * 1) Click the Gear icon to the right of your domain name, and select CloudFlare settings. You are navigated to the CloudFlare Settings page.
 * 2) Scroll down to find the SSL section.
 * 3) Choose Full SSL from the drop-down to the right of SSL.

Limitations of using CloudFlare with SSL
If any of the following limitations are not acceptable to you, then we apologize, but you will need to disable CloudFlare on the domain to get around these limitations.

Visitors to your site will only ever see the certificate that CloudFlare creates.
The certificate you set up in the DreamHost panel (self-signed, professional, or custom) will NOT be visible to your site visitors if the site is using CloudFlare. CloudFlare always uses a "professional" certificate, but you will not have any control over this certificate.

Visitors will see a certificate that looks like this if they check the info on your site's certificate (regardless of what kind of certificate you have set up in the DreamHost panel):



It may take up to 24 hours for the certificate to be fully set up
Until CloudFlare finishes setting up the SSL certificate for your site, you will see SSL warnings when visiting your site using HTTPS. Once the certificate is set up (which should be within 24 hours), the SSL warnings should go away.

Second level subdomains may have SSL warnings.
This means that if you try to set up SSL and CloudFlare for, you may see warnings like this when visiting the page:



Note: This warning will not appear on first level subdomains like  or  .

You will get SSL warnings if CloudFlare is not enabled on the main domain
If you want SSL to work on any of your subdomains with CloudFlare, you will need to also have your main domain (without any subdomains) also enabled on CloudFlare. This is a limitation imposed by the SSL Certificate provider; without the main domain being on CloudFlare, the certificate will not be valid for the subdomains.

For example, if you want to have SSL enabled on  and use CloudFlare, then you MUST also enable CloudFlare on.