Certificate packs allow Cloudflare to fallback to a different SSL certificate for visitors who do not support the latest standards.
Cloudflare allows uploading Custom SSL certificates with different signature algorithms into certificate packs such as for SHA-2 ECDSA, SHA-2 RSA, or SHA-1 RSA. The Cloudflare SSL/TLS app automatically groups Custom SSL certificates that share the same hostnames and wildcards in the common name (CN) or subject alternative name (SAN) and serves the proper certificate to visitors based on their browser's crypto capabilities. Multiple certificates for the same hostnames only count as 1 SSL certificate against your Custom SSL quota.
Visitors using recent versions Google Chrome, Mozilla Firefox, Microsoft Edge, Apple Safari, etc. see a SHA-2 ECDSA certificate. Alternatively, old browsers such as Internet Explorer 6 see a SHA-1 certificate.