Enable Universal SSL
Authoritative (Full) domains
For an authoritative or full domain — domains that changed their domain nameservers – Universal SSL requires two steps:
- Once you change your domain nameservers, your domain should receive its Universal SSL certificate within 24 hours. For more technical details, see Validating.
- Your SSL/TLS mode defaults to Flexible, which encrypts traffic between a site visitor and Cloudflare (but not Cloudflare and your origin server). To encrypt traffic between Cloudflare and your origin server, see SSL modes and Origin CA certificates.
Non-authoritative (Partial) domains
For non-authoritative or partial domains (domains on a CNAME setup), see our support article.
For additional info about changing your Domain Control Validation method, see Change DCV method.