How does Cloudflare work with Let's Encrypt SSL?
With Cloudflare proxy, there are two SSL layers: client to Cloudflare (Cloudflare's SSL) and Cloudflare to your server (Let's Encrypt). Use Full (strict) mode. For certbot renewal, use DNS-01 challenge, or temporarily disable proxy, or use Cloudflare Origin Certificate (free, 15-year validity).
Verify This Answer
Cross-check this information using these trusted sources:
More FAQs in Using Cloudflare for DNS and CDN Free Performance and Security for Node.js
DNS management, CDN (caches static assets globally), DDoS protection, free SSL certificate, firewall (block by IP/country), analytics, Page Rules (redirect, cache, secure URLs), and Brotli compression. The free plan is sufficient for most Node.js projects.
Create a Cloudflare account, add your domain, Cloudflare scans existing DNS records and gives you nameservers, update nameservers at your registrar, configure DNS records in Cloudflare (proxied for CDN features), and set SSL to Full (strict) if you have Let's Encrypt on your origin.
Proxied (orange cloud) routes traffic through Cloudflare, providing CDN caching, DDoS protection, SSL, and firewall. DNS only (gray cloud) just resolves the DNS, and traffic goes directly to your server without Cloudflare features.
Still have questions?
Browse all our FAQs or reach out to our support team
