SSL setup with Cloudflare

codrin

I thought I might share my recent experience with enabling SSL to one of our AwareIM apps given that it is so simple and it costs a fraction of what a normal setup for SSL does.

As part of our normal setup for hosted applications we use a service provided by Cloudflare which assists with reducing the latency experienced by users in different geo locations , and also controls the DNS settings of our domain.
While watching the SSL presentation from the Bali event I had a thought, and realised that the SSL service provided by CloudFlare works great with all my existing websites and other apps and perhaps it is worth investigating if it would work with AwareIM especially given that the cost per domain is only $5USD per month.
So I did and to my pleasant surprise it works really well, it passes all tests and it takes less than 5 minutes to setup. Below is a step by step tutorial on how I did this:

1. The screenshot below shows the typical dashboard for a domain in Cloudflare. Notice that the SSL option is set to Flexible.

2. Here you can see how to setup the DNS settings for your subdomain/s where your AwareIM instances reside. The other major possible advantage is the fact that if you have multiple instances of AwareIM running on multiple subdomains the same subscription for your main domain will work for all subdomains SSL.

3. In my case to provide proper functionality I needed to create page rules within CloudFlare which controls how they cache things etc. The screenshot below shows that I chose not to cache any AwareIM generated PDF docs with one rule and other settings which you can see in the next step in another rule.

4. This is the detail setup for the second rule which enables basic caching and turns off some features that can interfere with AwareIM

5.After the setup is completed I've ran a SSL check to see the results

6.Finally you can see the actual app with a valid SSL connection

customaware

Great post Codrin.

Thanx for the Tip.

tford

Excellent post, Codrin!

It's a huge help when users post detailed step-by-step tips with screen shots as well. A HUGE time saver for us all.

johntalbott

Really nice!

hpl123

Very nice, thanks for sharing Codrin. Now the golden questions, can the same solution be used as a loadbalancer i.e use Cloudflare for easy and cheap SSL + loadbalancing for Aware IM applications?

codrin

Cloudflare is a distribution network and CDN not a load balancing solution. It will assist enormously in speeding up your cloud hosted app and make it feel as if it is hosted on the users's PC from just about any location on the globe and of course other goodies like SSL and other security related topics like IP blocking per country , SSL, DDos attacks etc.
BTW , a colleague of mine pointed out to me, that even the free accounts from Cloudflare have the use of SSL, so maybe the title of this post should be Free SSL 🙂 .

weblike

Very nice post codrin. Many thx.
Question: Do you have an older subscription to cloudflare? Because now the cheapest is 20$/month.

hpl123

Yes it is CDN but a search like this brings back some interesting results:
Google "use cloudflare for loadbalancing".

If the cloudflare solution also could be used as a rudimentary loadbalancer it would be easy/cheap to setup and could be used for non-critical apps at least.

codrin

George,

I have the $20/month account which is what you pay for the first domain, subsequent domains that you add to your account are $5/ month / domain. I have all my domains with them.