I will assume that you have:

  • Working Nginx server
  • Working Virtualhost on your web server
  • Registered your website on CloudFlare
  • Enabled [Full Strict] SSL from the [Crypto] section in your CloudFlare account

Okay, Lets start!

  1. Open your CloudFlare account
  2. Navigate to the Crypto section
  3. Scroll down to Origin Certificates
  4. Click on Create Certificate
  5. Choose PEM as your format
  6. Make a file named yourdomain-com.key with the Private Key as content
  7. Make a file named yourdomain-com.pem with the Origin Certificate as content
  8. Make a dir called certificates in your /var/ directory
  9. Copy the Files you created into it
  10. Open your virtual host file
  11. And do this:
#After the Server { line add the following content:

    listen 80;
    listen [::]:80;

    listen 443 ssl;
    listen [::]:443;

    ssl        on;
    ssl_certificate         /var/www/ssl/yourdomain-com.pem;
    ssl_certificate_key     /var/www/ssl/yourdomain-com.key;

#reload Nginx web server with the following command:
service nginx reload

Thats it! Now your web servers works with Full Strict SSL encryption! Enjoy it.