I’m currently trying to set up my first Ghost blog through the 1-Click app at DigitalOcean and I have a question regarding SSL encryption.
During the Ghost installation process (Ghost-CLI), HTTPS gets automatically set up though Let’s Encrypt. However, I would like to use a Cloudflare account for DNS settings and SSL encryption.
Once the Ghost setup was done, I redirected my IP to my Cloudflare and domain. At that point, blog was not accessible through my domain as I would get a redirect error (it worked when accessing through the IP address though). I went into the encryption settings inside my Cloudflare account and changed the settings from ‘Flexible’ to ‘Full’. That seemed to work and make my site accessible.
Here’s my question: Will the SSL certificate ‘overwrites’ itself with Cloudflare’s even after installing Let’s Encrypt? Or is there a better way to do this? I hope my question makes sense, I’m very new at this.
I am not sure if I understand everything. Are you saying that we should keep both Let’s Encrypt and CloudFlare SSL? Also, what is the difference between Full and Full (strict)? Which one would you recommend?
I have another question if you don’t mind During the installation of Ghost (through DigitalOcean’s 1-Click app, I noticed that this message comes up during the setup:
Once complete, you are encouraged to run mysql_secure_installation to ready your server for production.
Do I need to do something? Or does the 1-Click app do everything for me?
