Hi

I have my own ssl certificate installed on my nginx server with these nginx rules:

	ssl on;
    ssl_certificate /etc/letsencrypt/live/exemple.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/exemple.com/privkey.pem;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
    ssl_session_cache shared:SSL:50m;
    ssl_dhparam /etc/letsencrypt/live/exemple.com/dhparam.pem;
    ssl_prefer_server_ciphers on;

I am now using cloudflare and it has its own ssl even with the free plan, so when I load my website it shows cloudflare certificate and not mine.

Now my question is can I or should I remove any of those line in my nginx config? Seems to be overkill to have 2 certificate loading.

@ASTRAPI tagging you cause you know cloudflare. But anyone is welcome to give their 2 cents.

Thank you

You must use Cloudflare certificate as the requests pass from there but that's not an issue.....

Just enable the Full option at crypto and you are done

There is no performance issue on that...

So removing those line in Nginx won’t improve anything? 

I guess that you will need that lines for your ssl at your server level that is needed !

You should have an ssl on your server and then enable the FULL option at Cloudflare.