mirror of https://gitlab.com/curben/blog
post: add cf origin cert screenshot
This commit is contained in:
parent
2cb3265db9
commit
1e1aa0f471
|
@ -146,7 +146,7 @@ I'm using "Full (strict)" mode which requires either origin cert or a valid cert
|
||||||
|
|
||||||
Generate and download the cert from Cloudflare Dash -> SSL/TLS -> Origin Server -> Create Certificate. You can choose the validity from 1 week to 15 years. I choose 1 year so I need to repeat this process every year. Make sure you have both certificate (.pem) and private key (.key).
|
Generate and download the cert from Cloudflare Dash -> SSL/TLS -> Origin Server -> Create Certificate. You can choose the validity from 1 week to 15 years. I choose 1 year so I need to repeat this process every year. Make sure you have both certificate (.pem) and private key (.key).
|
||||||
|
|
||||||
![Cloudflare Origin Certificate](/cloudflare-origin-cert.png)
|
![Cloudflare Origin Certificate](20200314/cloudflare-origin-cert.png)
|
||||||
|
|
||||||
I also use Authenticated Origin Pull which utilize TLS client authentication. A client must present a client certificate that is signed by a private key; in this case, it is signed by Cloudflare itself. The client certificate can be verified using Cloudflare's public key available [here](https://origin-pull.cloudflare.com/).
|
I also use Authenticated Origin Pull which utilize TLS client authentication. A client must present a client certificate that is signed by a private key; in this case, it is signed by Cloudflare itself. The client certificate can be verified using Cloudflare's public key available [here](https://origin-pull.cloudflare.com/).
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue