Advanced certificates
Use advanced certificates when you want something more customizable than Universal SSL but still want the convenience of SSL certificate issuance and renewal.
To order advanced certificates you must purchase the Advanced Certificate Manager add-on, which also includes other features.
Advanced Certificate Manager allows you to:
- Order advanced certificates that can:
- Include the zone apex and up to 50 hosts as covered hostnames.
- Cover more than one level of subdomain.
- Be issued by the certificate authority (CA) you choose.
- Use your preferred validation method.
- Have the validity period you choose.
- Use delegated DCV to delegate the DCV process of your partial zones to Cloudflare.
- Enable Total TLS to automatically protect proxied hostnames.
- Select a custom trust store for origin authentication.
- Control cipher suites and per-hostname minimum TLS version.
| Free | Pro | Business | Enterprise | |
|---|---|---|---|---|
Availability | Paid add-on | Paid add-on | Paid add-on | Paid add-on |
Advanced certificates are not used with Cloudflare Pages nor R2 due to certificate prioritization. Both Pages and R2 custom domains use Cloudflare for SaaS certificates.
Advanced certificates are Domain Validated (DV). If your organization needs Organization Validated (OV) or Extended Validation (EV) certificates, refer to Custom certificates.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-
