Cloudflare offers four options that can be enabled for domains running through Cloudflare. The choices are:
Free Universal SSL
The free Universal SSL option Cloudflare offers can take up to 24 hours to activate. In addition, the free SSL option does have limitations as to which browsers and operating systems will work with it that site owners should consider before choosing this option for their domains.
Note: Free Universal SSL can not be activated for domains that have signed up through a hosting partner at this time. If you activated through a Cloudflare hosting partner, then please sign up for the regular SSL option at this time.
Cloudflare’s standard SSL option available on paid plans generally activates in approximately 10-15 minutes. The limitations present in Universal SSL do not apply relative to browsers and operating systems supported with Standard SSL.
Cloudflare now offers the a la carte option of Dedicated Certificates to any plan level. This generally activates in approximately 10-15 minutes. A zone will this certificate will be the only zone specified on the common name, unlike Universal SSL which uses shared certificates. This also helps pass PCI compliance.
Dedicated certificates with Custom Hostnames eliminates the fourth level subdomain restriction.
Custom SSL is chosen by customers that want to upload their own certificates to Cloudflare so that their information shows when a visitor checks the certificate. The Custom SSL option is often chosen by customers that had paid for an EV or OV Certificate, and would like to continue to display this information to visitors that visit the site.
Keyless SSL is for Enterprise customers only. Keyless SSL is designed for organizations that can not hand over control of their keys to another organization, and entities interested in Keyless SSL will need to contact our Enterprise Sales Team for more information and pricing.