Cloudflare Docs
Learning Paths
Edit this page on GitHub
Set theme to dark (⇧+D)

Check domain SSL/TLS

  2 min read

Once you add and activate your domain at Cloudflare, you also should check your domain’s SSL/TLS certificate is working correctly.

What are SSL/TLS certificates?

SSL/TLS certificates let websites use https at the start of the URL (instead of http), which is a more secure connection protocol. HTTPS is good for website security, user privacy, SEO, and much more.

For more details on SSL/TLS, refer to the Learning Center.

By default, Cloudflare issues — and renews — free, unshared, publicly trusted Universal SSL certificates to all domains added to and activated on Cloudflare.

For domains on a full setup1, your domain should automatically receive its Universal SSL certificate within 15 minutes to 24 hours of domain activation2.

This certificate will cover your zone apex (example.com) and all first-level subdomains (subdomain.example.com), as long as your domain or subdomains have proxied DNS records within Cloudflare DNS.


  1. The most common Cloudflare setup that involves changing your authoritative nameservers. ↩︎

  2. Provisioning time depends on certain security checks and other requirements mandated by Certificate Authorities (CA). ↩︎

​​ Can you visit your website?

To make sure your website’s SSL/TLS is working correctly, try visiting your website over an HTTPS connection (where you specify the https:// at the beginning of the URL, like https://example.com).

If you have any deeper subdomains (test.www.example.com), also try visiting those over HTTPS (https://test.www.example.com).

​​ Potential issues

Sometimes, domains added to Cloudflare can experience issues in SSL/TLS certificates.


For more details on these errors and how to fix them, refer to the following resources: