It took about 48 hours for CloudFlare to provision the SSL for my URL and at the end of this, I get a trusted SSL certificate.
The technicality of how CloudFlare did this can be found here. In short, they make use of SNI where you can have multiple SSL certificates on a single IP, whereas traditionally, we need 1 IP per SSL certificate.
While CloudFlare has done most of the heavy weight lifting on their end, there are a couple of things I need to do to make my site completely loaded over SSL.
I run a WordPress blog here. So, there are a few things to be updated.
Firstly, I created a self-signed certificate for my Nginx web server. CloudFlare has this option of Flexible SSL, where they proxy request to your web server via HTTP instead of HTTPS. I went one notch up for Full SSL, where you will need a self-signed SSL certificate on your server, and all request between CloudFlare will be encrypted. Since we are already employing SSL at the front-end, we might as well make it end-to-end.
The next thing to do is to update all the links in your WordPress posts to point to ‘https’ instead of ‘http’. WordPress uses absolute links instead of relative links, so if this is not updated, the browser will complain that some resources on your site are not loaded over SSL.
To do this very quickly, I install this plugin called ‘Velvet Blue Update URL‘
The whole process is very simple. Took me last then 20 seconds to update all the URLs.
The last thing to change, is updating the Site URL and Home URL parameters in WordPress itself.
And that’s it. You will see this green SSL icon in your address bar indicating that the site is loaded completely over SSL.