How to Setup Cloudflare DNS Proxy and GCP Load Balancer with HTTPS?
I have Cloudflare DNS Proxy connect to my GCP load balancer API endpoint via HTTPS with a signed google certificate. The load balancer has a firewall rule allowing only Cloudflare IPs to connect. Once every 3 months in order to update the google certificate I need to disable the firewall rule and turn off the DNS proxy. A manual process that lowers my security.
Is there a better approach to this?
For anyone who gets here, the best solution I found was creating your own signed certificate with a long expiry time, installing it in gcp load balancer and having cloudflare work in strict mode (not full) so it will check for encrypted traffic but not validate the certificate with an registering authority