Check domain SSL/TLS
2 min read
Once you add and activate your domain at Cloudflare, you also should check your domain’s SSL/TLS certificate is working correctly. SSL/TLS certificates let websites use For more details on SSL/TLS, refer to the Learning Center.What are SSL/TLS certificates?
https at the start of the URL (instead of http), which is a more secure connection protocol. HTTPS is good for website security, user privacy, SEO, and much more.
By default, Cloudflare issues — and renews — free, unshared, publicly trusted Universal SSL certificates to all domains added to and activated on Cloudflare.
For domains on a full setup1, your domain should automatically receive its Universal SSL certificate within 15 minutes to 24 hours of domain activation2.
This certificate will cover your zone apex (example.com) and all first-level subdomains (subdomain.example.com), as long as your domain or subdomains have proxied DNS records within Cloudflare DNS.
Can you visit your website?
To make sure your website’s SSL/TLS is working correctly, try visiting your website over an HTTPS connection (where you specify the https:// at the beginning of the URL, like https://example.com).
If you have any deeper subdomains (test.www.example.com), also try visiting those over HTTPS (https://test.www.example.com).
Potential issues
Sometimes, domains added to Cloudflare can experience issues in SSL/TLS certificates.
For more details on these errors and how to fix them, refer to the following resources:
ERR_SSL_VERSION_OR_CIPHER_MISMATCHERR_TOO_MANY_REDIRECTS- Cloudflare 5xx errors
- Common SSL/TLS errors
- Universal SSL/TLS certificates
- Cloudflare encryption modes