My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
Ubuntu 22.04.1 LTS
My hosting provider, if applicable, is:
Oracle Cloud Infrastructure (OCI)
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
After a lot of reading, trial and error, I have managed to have my site served with caddy, a Let'sEncrypt certificate and at the same time be proxied by Cloudlfare
I would like to ask what the optimal Cloudlfare SSL settings for a Let'sEncrypt certificate are.
- Should I disable Cloudflare's Universal SSL?
From what I understand, if you make your website work with Cloudflare's SSL Strict setting, everything is being handled by your server (what Cloudflare calls Origin Server)
Currently, all my HSTS, no-sniff etc settings are being handled by my webserver correctly.
- Do I still need to have them enabled on Cloudflare's Edge Certificates?
Since the Let'sEncrypt certificate handles all my traffic,
- do I still have to enable Cloudflare's Authenticated Origin Pulls?
I am including screenshots of the relevant settings and a couple of SSL links FYI.
Since only 1 image is allowed to be attached, the rest of my screenshots for the related Cloudflare settings can be found here: