Welcome to the Let's Encrypt Community, Girish 
When you use Cloudflare, your visitors connect to Cloudflare's network (not your server), which serves Cloudflare's certificate to your visitors. Cloudflare then connects to your server, which serves a certificate to Cloudflare. If you use Cloudflare's Full SSL option, your server can serve Cloudflare a self-signed certificate (not recommended). If you use Cloudflare's Full (strict) SSL option, your server must serve Cloudflare either a Cloudflare Origin CA certificate or a certificate issued by a trusted CA (like Let's Encrypt). I highly recommend using a Cloudflare Origin CA certificate because it lasts much longer than a Let's Encrypt certificate and is very easy to manage through Cloudflare.
https://support.cloudflare.com/hc/en-us/articles/115000479507
For Cloudflare:
Use the following link and set to TLSv1.2 or TLSv1.3:
https://dash.cloudflare.com/redirect?zone=ssl-tls/edge-certificates
For your server:
Open /etc/letsencrypt/options-ssl-apache.conf with a text editor using root (for example: sudo nano /etc/letsencrypt/options-ssl-apache.conf). Modify according to the following then reload apache. You may have some of the directives cited below in multiple configuration files, so be sure to check.
SSLEngine on
# Comment out the existing line:
# SSLProtocol all -SSLv2 -SSLv3
# Add a new line:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
#Comment out the existing line:
# SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305 .....
# Add a new line:
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on
SSLCompression off