Skip to main content

Cloudflare

Source: https://cloudflare.com (managed service)
Alternatives: Let's Encrypt + self-hosted DNS, Bunny DNS, Route 53

DNS and domain management for external access.

DNS

Set up services you want exposed to the internet:

Cloudflare proxy (your home external IP is not exposed)
Cloudflare Origin Certificate (see below)
By specific subdomain, or wildcard

SSL Certificate

Set SSL/TLS encryption

Go to SSL/TLS for your domain
Set encryption to Full (strict)

Generate an Origin Certificate

Go to the dashboard → ellipses for your domain → Configure SSL/TLS
Under SSL/TLS → Origin server → Create Certificate
Use defaults & 15 years
Save the cert to ./cloudflare.pem and key to ./cloudflare-key.pem

DNS
SSL Certificate
- Set SSL/TLS encryption
- Generate an Origin Certificate