If your domain is pointed using Cloudflare nameservers, you will be able to use the free SSL certificate provided by them. There are different options to get the same for the main domain, including subdomain(wildcard), etc. There is no manual installation required if you are just enabling the 'Flexible' option but it will provide encrypted traffic between the browser and Cloudflare. But it is recommended to have a full(Strict) setup that encrypts end-to-end but requires a trusted CA or Cloudflare Origin CA certificate on the server. Here I am providing the steps to do it from the Cloudflare panel:
- Log in to the Cloudflare panel and go to SSL/TLS section after selecting the website you need to manage.
- The recommended way is to use the option Full (strict) which provides complete encryption.
- In order to complete this strict setup, the certificate needs to be installed on the server-side as well. To generate it, go to the 'Origin Server' option in the SSL/TLS section.
- Just select the required options and get the certificate files including intermediate CA.
- You can simply install it on your server. If cPanel is there, you can simply upload the certificate files there. Once it is installed, you are done.