Question
How to use Cloudflare's Full (Strict) encryption with Plesk?
Answer
There are two possible solutions:
Solution 1. Install a valid, trusted certificate in Plesk, e.g. from Let's Encrypt.
Solution 2. Use Cloudflare's SSL certificate chain by following these steps:
1. Create an Origin CA certificate following Cloudflare instructions.
2. Copy the content of your Private Key and Origin Certificate. Copy the content of Origin CA root certificate as well. It is provided in the Cloudflare instructions on the previous step.
3. In Plesk, go to Domains > example.com > SSL/TLS Certificates > Advanced Settings and click Add SSL/TLS Certificate.
4. Give the certificate a name, then scroll down to the section Upload the certificate as text and paste each content on their respective field:
-
- Private Key > Private key (*.key)
- Origin Certificate > Certificate (*.crt)
- Origin CA Root Certificate > CA certificate (*-ca.crt)
5. Click Upload Certificate.
6. Still in Plesk, go to Domains > example.com > Hosting Settings, scroll down to the section Security, select the newly created certificate in the field Certificate and click OK or Apply to save the changes.
7. Go back to Cloudflare and at SSL/TLS > Overview switch your SSL/TLS encryption mode to Full (strict).