1. Head over to “Crypto” tab SSL from the drop-down.
I recommend Full(strict) Option because this will make sure everything is delivered through HTTPS instead of mixed protocols.
2. Create origin Certificates through Cloudflare
Make sure you have an entry in the hosts that covers subdomains and the main domain
3. Save Keys
This will generate two keys. When is your private key and the other is your public certificate. Go ahead and save both of these on your server. You are going to use these in your vhost settings.
4. Now open your vhost configuration file for the domain and add two server blocks. One server block will handle port 80 (HTTP) and will redirect all the traffic to port 443 (HTTPS)
5. Some people usually skip the points 4 and 5 and just enable redirection in the cloudflare interface. I personally had some issues with this especially the website had multiple servers running on different ports and they needed to communicate with each other. But if your website is simple, then you’ll be fine with this step.