Cloudflare offers four options that can be enabled for domains running through Cloudflare. The choices are:
The Universal SSL option Cloudflare offers on the Free plan can take up to 24 hours to activate. In addition, the free SSL option does have limitations as to which browsers and operating systems will work with it that site owners should consider before choosing this option for their domains.
Cloudflare’s Universal SSL option available on paid plans generally activates in approximately 10-15 minutes. The limitations present in Universal SSL on the Free plan do not apply for Universal SSL issued for the paid plan.
Cloudflare now offers the a la carte option of Dedicated Certificates to any plan level. This generally activates in approximately 10-15 minutes. A zone will this certificate will be the only zone specified on the common name, unlike Universal SSL which uses shared certificates. This also helps pass PCI compliance.
Dedicated certificates with Custom Hostnames eliminates the fourth level subdomain restriction.
Custom SSL is chosen by customers that want to upload their own certificates to Cloudflare so that their information shows when a visitor checks the certificate. The Custom SSL option is often chosen by customers that had paid for an EV or OV Certificate, and would like to continue to display this information to visitors that visit the site.
Keyless SSL is for Enterprise customers only. Keyless SSL is designed for organizations that can not hand over control of their keys to another organization, and entities interested in Keyless SSL will need to contact our Enterprise Sales Team for more information and pricing.