Free Trial
Contact Us

Knowledge Base

Knowledge BaseSSL

How to upload & bind your certificate on Cloudflare? 

Updated on January 17, 2026

How to upload & bind your certificate on Cloudflare? 

Overview: 
This guide provides the step-by-step process for uploading a custom SSL certificate to Cloudflare and ensuring it is properly bound to your domain. This enables Cloudflare to serve your certificate at the edge and ensures secure HTTPS connections. 

Audience: 
Users responsible for SSL/TLS configuration, website security, or platform administration. 

Prerequisites 

Before you begin, ensure you have the following: 

  • Your SSL certificate file (e.g., cert.pem)  
  • The corresponding private key (e.g., privkey.key) 
  • The CA chain (root + intermediate certificates from your CA)  
  • Administrator access to your Cloudflare dashboard 

 

Steps to upload and bind SSL certificate on Cloudflare 

Step 1: Prepare Your Certificate Files 

You need three pieces: 

  1. Certificate (e.g. cert.pem) 
  1. Private Key (e.g. privkey.key) 
  1. CA Chain (Root + intermediates from the CA) 

Cloudflare supports: 

  • PEM bundles 
  • PKCS#7 (.p7b) 
  • Full chains for BYOPKI deployments 

 

Step 2:  Upload Your Certificate via Cloudflare Dashboard 

  1. In the Cloudflare dashboard, go to the Edge Certificates page. 
  1. In Edge Certificates, select Upload Custom SSL Certificate.  

 

  1. Copy and paste relevant values into SSL Certificate and Private key text areas (or select Paste from file). 

Note: If doing this manually, include the ---BEGIN CERTIFICATE--- and ---END CERTIFICATE--- like the placeholder text. 

 

  1. Choose the appropriate Bundle Method. 
  1. Select a value for Private Key Restriction. 
  1. Select a value for Legacy Client Support, which specifies Server Name Indication (SNI) support: 
  • Modern (recommended): SNI only 
  • Legacy: Supports non-SNI 

Warning: Custom certificates of the type of legacy_custom are not compatible with BYOIP. 
 
 For further information, Resource: Manage custom certificates · Cloudflare SSL/TLS docs 

 7. Select Upload Custom Certificate. If you see an error for The key you provided does not match the certificate, contact your Certificate Authority to ensure the private key matches the certificate. 

3. Switch SSL Mode (if needed) 

To ensure Cloudflare uses your certificate: 

  1. Go to SSL/TLS Overview 
  1. Set mode to Full or Full (Strict) if your origin also has certificates 
    (Full Strict requires valid origin certs.) 

 


Related Articles: Manage custom certificates · Cloudflare SSL/TLS docs 
Tags:

Need help?

Need help making a purchase? Contact us today to get your certificate issued right away.

Live chat

Click the button below or click "Chat with an Expert" to start chatting with us now!

Start Chat

Call us today

United States
+1 888 266 6361
France
+33 3 66 72 95 95
Italy
+39 02 4792 1708
Spain
+34 900 838 451
Germany
+49 800 1002328
International
+1 914 732 844

Resources