In many of the guides I write for use with CloudPanel I use Cloudflare Origin SSL Certificates. They are easy to create on Cloudflare.com and easy to install on CloudPanel. While you can use Let’s Encrypt SSL certificates with CloudPanel I choose to use Cloudflare Origin Certificate in my guides because they are less prone to mostly user made errors.
Go to Cloudflare.com and log-in to your account. Now in your account overview click on the domain you want to create a Cloudflare Origin Certificate for.
When you are on the domain you want to use click on SSL/TLS in the left menu.
![](https://kronosnxs.dev/wp-content/uploads/2022/10/1-ssl_overview.webp)
Now a new page opens with your SSL/TSL overview, here you will want to put your SSL mode on Full (strict).
![](https://kronosnxs.dev/wp-content/uploads/2022/10/2-ssl_full_strict-1024x436.webp)
Next click on Origin Server in the menu on the left.
![](https://kronosnxs.dev/wp-content/uploads/2022/10/3-cloudflare_origin-1024x478.webp)
Now click on Create Certificate.
![](https://kronosnxs.dev/wp-content/uploads/2022/10/4-cloudflare_create-1024x649.webp)
You can keep all the default settings on the page and click on Create
Cloudflare will now create an SSL Certificate for your main domain and a wildcard for all your subdomains, that will be valid for 15 years.
After you clicked on Create a new page will open up with your certificates. Here you have a drop down box with Key Format, keep the default value.
![](https://kronosnxs.dev/wp-content/uploads/2022/10/5-ssl_save-1024x267.webp)
Next you will have a text area with your Origin Certificate and private key, copy both of them in a notepad file and save them for later use. (When you follow one of the CloudPanel guides on this website you will import these certificates in CloudPanel.)
-----BEGIN CERTIFICATE-----
Lots of characters
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
Lots of characters
-----END PRIVATE KEY-----
Now press Ok. In case you lose your private key you will need to revoke your old certificates and create a new one by following above guide. So again keep your certificate and especially your private key safely stored in a notepad file.