godaddy & cloudflare free ssl

if you happen to try out godaddy for your hosting like i did, you will notice that unlike (most) other providers it doesn’t come with an easy solution for let’s encrypt.
as to make your website secure there’s an free option coming from cloudflare that let’s you set up your free ssl in just a few easy steps.

step 1
create an account if you haven’t already

step 2
after validating your account simply click on the button “add a site”, type in your domain and click “add site”

step 3
next you chose the “free” plan and click “confirm plan”

step 4
once chosen the plan cloudflare will scan your dns records and list them for you, just continue to the next page where you will find your cloudflare nameservers that you’ll copy for the next step.

step 5
open a new tab, log in to your godaddy account and navigate to the dns section ( here you can chose “own nameserver **” and paste said cloudflare nameservers. after you’ve saved them head back to cloudflare and click “done, check nameservers”

step 6
for now we’ll keep the ssl/tls encryption mode to “flexible”, turn on “always use https” and click “done”.

step 7
after being redirected to the dashboard you can click “re-check now” and reload the page. dns changes usually take some time so don’t worry if it doesn’t work right away.

step 8
now you go to the “ssl/tls” section of the cloudflare dashboard and change the ssl/tls mode to “full (strict)” since godaddy doesn’t seem to support standard “full”.

step 9
after that click the “origin server” tab and “create certificate”. you can leave the settings to default and click “next”, same goes for key format.
you’ll now be presented your origin certifcate

step 10
open your cpanel in a new tab and navigate to “security > ssl/tls” where you chose “manage ssl sites”.
scroll down to “install ssl sites” and select your domain.

step 11
for “certificate: (crt)” you copy “origin certificate” from cloudflare including “— begin certificate —” and “— end certificate —“
same goes for “private key” where you’ll paste “private key” from cloudflare including “— begin private key —” and “— end private key —“.

step 11.1 (optional)
you can also provide an optional “certificate authority bundle (cabundle)”. in this case copy the content of “cloudflare origin ca – rsa root” and paste in the cabundle field.

step 12
finally just click “install certificate” and it should show you that it installed successfully. that’s it.

step 13
head back to your website and open with https to check if it has worked, changes also might take a bit.

that’s it, you’re all ready to go. If you happen to have a cms running (e.g. wordpress) remember to replace your address in the general settings.

** be aware, that from now on all of your dns records will be managed from your cloudflare account