Cloudflare with free SSL setup - 2025 update

[Kent Briggs]

These are updated instructions for creating a Cloudflare account and installing their free SSL cert. Cloudflare is a reverse proxy service with both free and paid plans. The main benefits of a reverse proxy is for IP address anonymity and DDOS protection. The free SSL cert is a bonus.

1. Create an account at https://www.cloudflare.com/plans/. Their free plan is all you need to get started. If you don't have a domain name you can buy one directly from Cloudflare at wholesale prices. If another registrar like GoDaddy hosts your domain name then Cloudflare will display the name servers you will need to enter in your registrar's account. Once that propagates around the world, your domain name will point to CloudFlare and they will pass all traffic to your IP and route all responses back to the user such that they will not know your true IP.

2. Cloudflare only supports a limited set to ports. Specifically 80, 8080, 8880, 2052, 2082, 2086, and 2095 for the non-SSL ports and 443, 2053, 2083, 2087, 2096, 8443 for the SSL ports. The default ports in Poker Mavens 7 are in these groups. The default ports in older versions are not and must be changed.

3. In the SSL/TLS Overview section, make sure the current encryption mode is set to "Full (strict)". If not, click the Configure button, then select Full (Strict) mode in the Custom section. Then click the Save button.

4. In the SSL/TLS Edge Certificates section, make sure the "Always Use HTTS" is toggled on.

5. In the SSL/TLS Origin Server section, click the "Create Certificate" button. Leave all the default settings and click the Create button. Copy the "Origin Certificate" text to the clipboard and save it to a local text file (call it PMCert.crt or whatever you want). Copy the "Private Key" text to the clipboard and save it to a local text file (call it PMCert.key or whatever you want). Click the Ok button.

6. Go to this page to get the root cert file:

https://developers.cloudflare.com/ssl/o ... ertificate

Scroll down to the "Additional details" section and click the link labeled: "Cloudflare Origin RSA PEM". That will put a file named origin_ca_rsa_root.pem in your Downloads folder.

7. Put all three files from above on your poker server. A good place for them is the SSL subfolder inside your PM data folder.

8. In the PM 7 Service Manager, make these settings:

SSL encryption = Yes
SSL key file = full path to .key file
SSL password = (leave blank)
SSL cert file = full path to .crt file
SSL root certificate file = full path to origin_ca_rsa_root.pem
SSL redirect = Yes

9. Register and Start service. Load the Admin Console and make sure there are no errors in the Error Log. Then check these settings on the System tab:

Server Settings -> Proxy IP header = CF-Connecting-IP
Server Settings -> Proxy WSS = No

10. Click Start to put server online. Test your https connection.

[Kent Briggs]

If you want an SSL cert without a Cloudflare account, you can buy them for less than $12 per year by using my CSR utility and following the instructions shown here: https://www.briggsoft.com/docs/pmavens/ ... es.htm#ssl