Cloudflare Docs
Learning Paths
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)

Check domain SSL/TLS

  2 min read

Once you add and activate your domain at Cloudflare, you also should check your domain’s SSL/TLS certificate is working correctly.

What are SSL/TLS certificates?

SSL/TLS certificates let websites use https at the start of the URL (instead of http), which is a more secure connection protocol. HTTPS is good for website security, user privacy, SEO, and much more.

For more details on SSL/TLS, refer to the Learning Center.

By default, Cloudflare issues — and renews — free, unshared, publicly trusted Universal SSL certificates to all domains added to and activated on Cloudflare.

For domains on a full setup1, your domain should automatically receive its Universal SSL certificate within 15 minutes to 24 hours of domain activation2.

This certificate will cover your zone apex ( and all first-level subdomains (, as long as your domain or subdomains have proxied DNS records within Cloudflare DNS.

  1. The most common Cloudflare setup that involves changing your authoritative nameservers. ↩︎

  2. Provisioning time depends on certain security checks and other requirements mandated by Certificate Authorities (CA). ↩︎

​​ Can you visit your website?

To make sure your website’s SSL/TLS is working correctly, try visiting your website over an HTTPS connection (where you specify the https:// at the beginning of the URL, like

If you have any deeper subdomains (, also try visiting those over HTTPS (

​​ Potential issues

Sometimes, domains added to Cloudflare can experience issues in SSL/TLS certificates.

For more details on these errors and how to fix them, refer to the following resources: