Is LetsEncrypt necessary if hosting behind Cloudflare?

I'm hosting a site on an nginx server that uses LetsEncrypt certificates. I tried to put the server behind Cloudflare but the site isn't loading. https://blog.cloudflare.com/cloudflare-ca-encryption-origin/ makes it look like you don't need LetsEncrypt in this case?

I'm not really understanding how it works. Cloudflare encrypts traffic between the browser and themselves using their own certificate. But it can't encrypt the traffic between itself and our server because it doesn't have the LetsEncrypt private key we used to generate the certificate? Is that why it isn't working?

If I install their CA origin certificate in nginx then what's happening? They are decrypting the traffic between the browser and them, then encrypting it again to go to our nginx server? Or is it encrypted throughout?

If you want to use Cloudflare then they can always see the unencrypted traffic even if you're somehow using LetsEncrypt, or is there some way to prevent that?

What are the options available? Is there a way to keep using LetsEncrypt certificates on nginx or do we have to switch to using Cloudflare's? What are the pros/cons in choosing one or the other?

3 Likes

Welcome to the Let's Encrypt Community 🙂

@Nummer378's explanations below are spot-on.

5 Likes

I've never been a customer of Cloudflare, so I don't know what features they offer. Still, I do know some of the inner workings of the protocols and believe I have some picture of what they do.

If Cloudflare encrypts traffic between the browser and themselves (which they can certainly do), the remaining question is: How is the traffic secured between Cloudflare's server and your server?

The most logical solution to this is to employ server-side Split TLS, which is probably what they're doing (it matches precisely with their concept of "Origin certificates").

The way this works is by establishing two separate TLS connections: The browser connects to their server, with a TLS session only between them. Cloudflare then establishes a "backend" TLS connection to your server. This second TLS session is invisible to the browser and is only between you and Cloudflare. You already got this concept:

Yes, I believe this is what they do. They terminate TLS on their end and then forward any non-cached data to your server, by re-encrypting it using a new TLS session to your server.

This is also the reason why they have their own untrusted Origin CA: Their servers are configured to trust these certificates, while your browser would reject them. But as your browser never sees them, it doesn't matter. The certificate installed on your server is only used for encrypting traffic between Cloudflare and you.

I don't know which modes they offer, maybe they offer a mode where TLS is terminated on your side. But I believe they have features like a Web Application Firewall, which will definitely require them to decrypt traffic on their side, as they can't check content otherwise.

You can probably still continue using LE, as Cloudflare will trust these certificates, therefore the connection between Cloudflare and your server is secured in the same way as if using Origin CA certificates. But their origin certificates probably have many benefits (I would presume that their certs are both easy to obtain and long-lived), so using Let's Encrypt in this scenario does not have any advantages - the browser will never see this certificate.

6 Likes

@Nummer378's comments are correct and guesses are correct too.

Just to clarify a few things:

  1. You do not need to use LetsEncrypt if using Cloudflare, you can just use their Origin certificates. If you think you may drop Cloudflare or unproxy Cloudflare at times (for example debugging or emergency triage when you need to avoid their network; and you toggle that on/off with a button on their DNS panel), using a LetsEncrypt certificate obtained by DNS-01 authentication can be useful. [sidenote: I am not sure if Cloudflare cares if a LetsEncrypt certificate is expired or not. ]

  2. Cloudflare's origin certificates are very useful because they are valid for 15 years by default. You can shorten them manually to several days, but I think that must be done via their API. The Cloudflare origin certificates are not trusted by any browsers or operating systems, only the Cloudflare network. The origin certificate is used to encrypt traffic between your server and their servers, and they re-encrypt the traffic using a publicly trusted certificate between their servers and your visitors.

If you are not worried about the things I mentioned above, you can just use Cloudflare's origin certificate and then never worry about LetsEncrypt, renewals or ACME challenges - their certificate is valid for 15 years and their platform handles everything else automatically for you. It is considerably easier to manage.

6 Likes

Only if the SSL option is set to Full (strict).


Full ensures a secure connection between both the visitor and your Cloudflare domain and between Cloudflare and your web server.

The Full SSL option does not validate SSL certificate authenticity at the origin. A self-signed certificate is allowed at the origin web server.

To avoid 525 errors, before enabling Full SSL option, configure your origin web server to allow HTTPS connections on port 443 and present either a self-signed SSL certificate, a Cloudflare Origin CA certificate, or a valid certificate purchased from a Certificate Authority.


Full (strict) ensures a secure connection between both the visitor and your Cloudflare domain and between Cloudflare and your origin web server. Full (strict) supports SSL hostname validation against CNAME targets.

Configure your origin web server to allow HTTPS connections on port 443 and present either a Cloudflare Origin CA certificate or a valid certificate purchased from a Certificate Authority. This certificate must be signed by a Certificate Authority that is trusted by Cloudflare, have a future expiration date, and cover the requested domain name (hostname).

The Full (strict) SSL option checks for SSL certificate validity at the origin web server. A self-signed certificate cannot be used. A Cloudflare Origin CA certificate or valid certificate purchased from a Certificate Authority is required to avoid 526 errors.


https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options

3 Likes
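The two posts above (the "untrusted Origin CA that only Cloudflare's edge trusts" explanation and the Full vs. Full (strict) validation rules) describe checks you can reproduce locally. The script below is an added example, not code from the thread or from Cloudflare: a throw-away private CA stands in for Cloudflare's Origin CA (the real Origin CA root is not included), it issues an origin certificate for the assumed hostname origin.example.test, and then the same certificate is validated as the edge would (trusting that CA explicitly, with hostname matching, as in Full (strict)), as a browser would (public roots only), and as plain Full mode would (anything accepted). It needs only the openssl command-line tool.

```shell
#!/bin/sh
# Added example, not from the thread. A private CA plays the role of
# Cloudflare's Origin CA; its root is never trusted by a browser or OS store.
set -e
WORK=$(mktemp -d)
HOST="origin.example.test"   # assumed hostname for the origin server

# 1. Private CA (stand-in for the Origin CA). A self-contained config avoids
#    depending on the system openssl.cnf and marks the cert as a CA.
cat > "$WORK/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Demo Origin CA (not Cloudflare)
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
openssl req -x509 -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes -days 30 \
  -keyout "$WORK/ca.key" -out "$WORK/ca.pem" 2>/dev/null

# 2. Origin key + CSR, then a leaf signed by the private CA. The SAN is what
#    the "cover the requested domain name" rule in Full (strict) is checked on.
cat > "$WORK/leaf.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = $HOST
EOF
openssl req -new -config "$WORK/leaf.cnf" -newkey rsa:2048 -nodes \
  -keyout "$WORK/origin.key" -out "$WORK/origin.csr" 2>/dev/null
printf 'subjectAltName=DNS:%s\n' "$HOST" > "$WORK/san.cnf"
openssl x509 -req -days 30 -in "$WORK/origin.csr" -CA "$WORK/ca.pem" \
  -CAkey "$WORK/ca.key" -CAcreateserial -extfile "$WORK/san.cnf" \
  -out "$WORK/origin.pem" 2>/dev/null

# Edge view (Full strict): the Origin CA is explicitly trusted, the cert must
# be unexpired and must cover the requested hostname ($1). Returns 0 on pass.
verify_as_edge() {
  openssl verify -CAfile "$WORK/ca.pem" -verify_hostname "$1" \
    "$WORK/origin.pem" >/dev/null 2>&1
}

# Browser view: only the public roots in the default store are trusted, so a
# leaf chaining to the private CA is rejected even for the right hostname.
# This is why the browser must never be shown the origin certificate.
verify_as_browser() {
  openssl verify -verify_hostname "$1" "$WORK/origin.pem" >/dev/null 2>&1
}

# Full (non-strict) view: any certificate presented on 443 is accepted, which
# is why a self-signed origin cert "works" there and gives no authentication.
accept_any() {
  [ -s "$WORK/origin.pem" ]
}

cleanup() { rm -rf "$WORK"; }

# Demonstration: the right name passes only the edge check; a wrong name
# fails the edge check too; the browser check fails regardless.
for probe in "$HOST" "other.example.test"; do
  verify_as_edge "$probe"    && e=pass || e=FAIL
  verify_as_browser "$probe" && b=pass || b=FAIL
  echo "$probe: full-strict(edge)=$e browser(public roots)=$b full(non-strict)=pass"
done
```

To run the same check against a real origin, replace the throw-away ca.pem with the Origin CA root that Cloudflare publishes and the leaf with the certificate nginx actually serves; a Let's Encrypt certificate passes the edge check instead because its chain ends in a public root the edge also trusts, which is the "Cloudflare will trust these certificates" case from the thread. Call cleanup when done with the temporary files.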
