Cloudflare offers a couple of settings related to SSL and TLS for your domain. This article covers the frequently asked questions about this.
Almost. At the bare minimum, you’ll need a self-signed certificate on the origin, which we provide for free. Go to the SSL settings for your site in the Servebolt Control Panel to generate a free self-signed certificate.
Once the certificates are activated, you must head over to Cloudflare’s Dashboard and click the “SSL/TLS” tab on your left side. You select the “Full” setting to activate a fully secure and encrypted connection to your site. 
Yes, you can. A subdomain like sub.sub.example.com will work with Cloudflare just fine, but you can’t use a self-signed certificate. Cloudflare does not support that. You’ll need to purchase a certificate for your site to make this work.
Yes! Cloudflare offers an option that will rewrite your internal content, images, for example, that are served over HTTP while your site is served over HTTPS. Mixing the two will deliver insecure content inside a secure container and thus render it insecure again.
Luckily, Cloudflare offers a super simple solution for this. Head on over to your SSL/TLS settings tab and turn this option on:
Yes, it can. There are two fixes for this. The first option is a half-measure, but it might just be the fix for you. The second option is the best solution.
1. Navigate to your SSL/TLS tab of your site in your Cloudflare dashboard and change the following setting to the minimum value of TLS 1.2
Be sure also to turn on this option:
2. Upgrade your Cloudflare Free plan to a Cloudflare Pro plan.
If you haven’t yet, be sure to check out our article on how to add Cloudflare to your (WordPress) site.
