Does Cloudflare support password protected private keys for Custom SSL?

Cloudflare's Custom SSL will not allow you to upload a password protected private key to the upload interface since it's a security hazard. Best practices are to strip the password from the private key and then upload it to the control panel.

To begin, install OpenSSL which is an open source free software that implements the SSL/TLS protocols as well as a robust, general purpose cryptography library.

For Linux:

  1. Install the package from your package manger:
    sudo apt-get install openssl
    sudo pacman -S openssl
    sudo yum install openssl
  2. Navigate to the directory that holds your .pem file with your password protected private key

  3. Run this command: 
    openssl rsa -in your_pem_file.pem -out key.pem
    [ Enter the password when prompted ]
  4. Copy and paste the contents in key.pem into the Cloudflare private key box
  5. Click Upload

For Windows:

  1. Download the latest version for your x86 or x86_64 machine:
    http://indy.fulgan.com/SSL/
  2. Open the .zip file and extract it to a famliar folder
  3. Run openssl.exe
  4. Run this command:
    rsa -in C:\Path\To\Your\Pem\File\file.pem -out key.pem
    [ Enter the password when prompted ]
  5. Copy and paste the contents in key.pem into the Cloudflare private key box
  6. Click Upload

 

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk