Enable Universal SSL certificatesBy default, Cloudflare issues — and renews — free, unshared, publicly trusted SSL certificates to all Cloudflare domains.
The process for activating a Universal SSL certificate depends on your domain’s DNS setup.
Full DNS setup
For an authoritative or full domain — domains that changed their – your domain should automatically receive its Universal SSL certificate between 15 minutes to 24 hours of domain activation. Provisioning time depends on certain security checks and other requirements mandated by Certificate Authorities (CA).
This certificate covers your root domain (
example.com) and all first-level subdomains (
For sites that require an SSL/TLS certificate prior to migrating traffic to Cloudflare, you could do the following:
- Purchase an .
- Upload a prior to migrating (and then delete the certificate after your ).
- Keep DNS records until your .
Partial DNS setup