how to use cloudflare zero trust certificates in self-hosted enviroment To use Cloudflare Zero Trust Certificates in a self-hosted environment, you'll need to: Overview: Generate a private key and a certificate signing request (CSR) on your server. You can use tools like OpenSSL to do this. Submit the CSR to Cloudflare and request a Zero Trust (ZT) certificate. You'll need to prove that you own the domain by either adding a DNS record or uploading a file to your web server. Once you receive the ZT certificate from Cloudflare, install it on your server along with the private key you generated in step 1. Configure your web server to use the ZT certificate for SSL/TLS connections. Here's a more detailed step-by-step process: Generate a private key and a CSR On your server, run the following command using OpenSSL to generate a private key and a CSR: openssl req -out example.com.csr -new -newkey rsa:2048 -nodes -keyout example.com.key This will generate a private key ( example.com.key) and a CSR ( example.com.csr). Submit the CSR to Cloudflare Log in to your Cloudflare account and go to the SSL/TLS tab. Under Zero Trust, click "Request Certificate". Enter the domain name for which you want to request the certificate, and paste the contents of the CSR file you generated in step 1. Choose the email address to which you want the certificate to be sent. Next, you'll need to prove that you own the domain. You can do this by clicking on the "Add DNS record" or "Upload file" buttons, and following the instructions provided by Cloudflare. Once this process is complete, Cloudflare will issue your Zero Trust certificate. Install the certificate on your server Cloudflare will send you an email with a link to download your ZT certificate. Download the certificate and save it as example.com.crt. Upload the certificate and the private key to your server. On Apache, for example, you can create a new virtual host configuration file ( example.com.conf) and add the following lines: ServerName example.com SSLEngine on SSLCertificateFile /path/to/example.com.crt SSLCertificateKeyFile /path/to/example.com.key Verify the configuration Restart your web server and verify that SSL/TLS is working correctly by visiting your website using HTTPS. That's it! You should now be able to use Cloudflare's Zero Trust certificates in your self-hosted environment.